Message sent succesfully but copy generated to MultipleRecipients

Spam does get though once in awhile

But in a 3 hour window, numerous Spam got through the Mail marshal filters. These messages were addressed to one recipient, but upon Queuing, they were delivered to all mailboxes in the same Mailbox Store.

The users received the emails in outlook addressed to the original recipient. There was no other users in the To:/CC:/BCC: fields and the internet headers did not show any.  The Mailbox has no relaying rules.

How can this happen?  how Can we track it more easily and how can we stop it from happening in the future?

This is a concern on two fronts:
1) If this is a function of the Spam, we need to update our filter
2) If this happened internally, are there other sentsitive emails have been routed incorrectly?

Attached is the screen shot of the Message tracking Center.

Thanks for your help!



Microsoft Mail Internet Headers Version 2.0
Received: from XXXX ([172.19.200.75]) by XXX with Microsoft SMTPSVC(6.0.3790.3959);
	 Sat, 2 May 2009 12:44:17 -0400
Received: from X-relayXom ([172.19.9.11]) by bXXXXom with Microsoft SMTPSVC(6.0.3790.3959);
	 Sat, 2 May 2009 12:44:16 -0400
Received: from pc2.gravity-lan-5.netvisio.net (Not Verified[85.187.233.131]) by X-relay.tXX.com with MailMarshal (v6,4,6,5922)
	id <B49fc785f0000>; Sat, 02 May 2009 12:44:15 -0400
Message-ID: <000d01c9cb45$2875a3b0$6400a8c0@browbeatenzp180>
From: "Darrel Fish" <browbeatenzp180@aegisadvisors.com>
To: <Single_XXXX_USER@cXXXX.com>
Subject: Your masculinity will open up just in a few weeks.
Date: Sat, 2 May 2009 19:43:44 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0007_01C9CB45.2875A3B0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Antivirus: avast! (VPS 000703-1, 15.01.2007), Outbound message
X-Antivirus-Status: Clean
Return-Path: browbeatenzp180@aegisadvisors.com
X-OriginalArrivalTime: 02 May 2009 16:44:16.0894 (UTC) FILETIME=[3B8B59E0:01C9CB45]
 
------=_NextPart_000_0007_01C9CB45.2875A3B0
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
 
------=_NextPart_000_0007_01C9CB45.2875A3B0
Content-Type: text/html;
	charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
 
 
------=_NextPart_000_0007_01C9CB45.2875A3B0--

Open in new window

mess-hist.jpg
david_insidAsked:
Who is Participating?
 
MesthaConnect With a Mentor Commented:
BCC. Remember spam headers are false. You cannot rely on them. Common spammers trick is to have a single line in the TO field and the rest in the BCC.

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.