Someone is spamming using my email address

I have a client that is getting an unheard of amount of bounce backs. No of the emails are originating from inside but someone outside is using her email address as the from address in Microsoft Express. How can I stop all of these bounce backs.


Again I confirmed that the email is not being sent from inside my network, but the bounce backs are coming back to her email


is there something on the exchange server or Trend Spam Filter that I can block these?
initialitAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

This means that your Exchange is an open relay.

So you need to set the Exchange to prevent being used as open relay.

Test you Exchange as open relay:

http://support.microsoft.com/kb/153119/en-us

Since you did not add the Exchange version, check this to fix

http://www.techrepublic.com/article/prevent-open-relays-on-exchange-server/6058582

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm

For understanding the open relay and permissions check this:

http://technet.microsoft.com/en-us/library/aa997170%28EXCHG.140%29.aspx

And also http://www.amset.info/exchange/smtp-openrelay.asp

Hope this can help

Jail
0
LLMorrissonCommented:
If you are sure they are not coming from your or your clients own LAN or email servers then it sounds like you may not be using SPF (sender policy framework). SPF is infomation in DNS for the email domain which tells remote MX servers which IPs are authorised to send email for that domain.

If you enable this for your clients domain name it will reduce the spammers scope by only allowing him to connect to email servers which don't check SPF info.

From the Wiki on it (link below)....

Reasons to implement

If a domain publishes an SPF record, spammers and phishers are less likely to forge e-mails pretending to be from that domain, since the forged e-mails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF protected domain is less attractive to spammers and phishers. Since an SPF protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate e-mail from the domain is more likely to get through

http://en.wikipedia.org/wiki/Sender_Policy_Framework

You can ask your DNS admin to add the relevent TXT records in your clients public DNS.

Regards,
LLMorrisson.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AmitIT ArchitectCommented:
Check from what domain that email is coming. Block that domain in Trend Spam Filter.
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

initialitAuthor Commented:
This is not coming from inside.

Its MS exchange 2003 SP2

The email is coming from random domains on the internet. Pretty much someone emails a bogus address, uses a users from address, then that user gets the bounce back.


Thanks
0
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Like I said above, check the open relay from your Exchange Server

Jail
0
Alan HardistyCo-OwnerCommented:
The problem you are experiencing is typical spammer behaviour and there is little you can do to prevent this from happening, apart from setting up and SPF record and installing some good Anti-Spam software, such as Vamsoft ORF - www.vamsoft.com ($239 per server).

My article explains a little about SPF and what it can do and also has some other Anti-Spam techniques if you don't want to purchase 3rd party anti-spam software:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
Abdulmalek_HamshoCommented:
The above suggestions work if the sender realy uses your email server to send these messages, but the most common and easier way for the spammer is to use an anonymous email sender which can send in any email behalf, and you cannot do anything in this case except using the Junk Email filters, which can catch such messages.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.