Solved

Message sent succesfully but copy generated to MultipleRecipients

Posted on 2009-05-05
1
184 Views
Last Modified: 2012-05-06
Spam does get though once in awhile

But in a 3 hour window, numerous Spam got through the Mail marshal filters. These messages were addressed to one recipient, but upon Queuing, they were delivered to all mailboxes in the same Mailbox Store.

The users received the emails in outlook addressed to the original recipient. There was no other users in the To:/CC:/BCC: fields and the internet headers did not show any.  The Mailbox has no relaying rules.

How can this happen?  how Can we track it more easily and how can we stop it from happening in the future?

This is a concern on two fronts:
1) If this is a function of the Spam, we need to update our filter
2) If this happened internally, are there other sentsitive emails have been routed incorrectly?

Attached is the screen shot of the Message tracking Center.

Thanks for your help!



Microsoft Mail Internet Headers Version 2.0
Received: from XXXX ([172.19.200.75]) by XXX with Microsoft SMTPSVC(6.0.3790.3959);
	 Sat, 2 May 2009 12:44:17 -0400
Received: from X-relayXom ([172.19.9.11]) by bXXXXom with Microsoft SMTPSVC(6.0.3790.3959);
	 Sat, 2 May 2009 12:44:16 -0400
Received: from pc2.gravity-lan-5.netvisio.net (Not Verified[85.187.233.131]) by X-relay.tXX.com with MailMarshal (v6,4,6,5922)
	id <B49fc785f0000>; Sat, 02 May 2009 12:44:15 -0400
Message-ID: <000d01c9cb45$2875a3b0$6400a8c0@browbeatenzp180>
From: "Darrel Fish" <browbeatenzp180@aegisadvisors.com>
To: <Single_XXXX_USER@cXXXX.com>
Subject: Your masculinity will open up just in a few weeks.
Date: Sat, 2 May 2009 19:43:44 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0007_01C9CB45.2875A3B0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Antivirus: avast! (VPS 000703-1, 15.01.2007), Outbound message
X-Antivirus-Status: Clean
Return-Path: browbeatenzp180@aegisadvisors.com
X-OriginalArrivalTime: 02 May 2009 16:44:16.0894 (UTC) FILETIME=[3B8B59E0:01C9CB45]
 
------=_NextPart_000_0007_01C9CB45.2875A3B0
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
 
------=_NextPart_000_0007_01C9CB45.2875A3B0
Content-Type: text/html;
	charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
 
 
------=_NextPart_000_0007_01C9CB45.2875A3B0--

Open in new window

mess-hist.jpg
0
Comment
Question by:david_insid
1 Comment
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24320669
BCC. Remember spam headers are false. You cannot rely on them. Common spammers trick is to have a single line in the TO field and the rest in the BCC.

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question