Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Someone is spamming using my email address

Posted on 2011-02-12
7
Medium Priority
?
502 Views
Last Modified: 2012-05-11
I have a client that is getting an unheard of amount of bounce backs. No of the emails are originating from inside but someone outside is using her email address as the from address in Microsoft Express. How can I stop all of these bounce backs.


Again I confirmed that the email is not being sent from inside my network, but the bounce backs are coming back to her email


is there something on the exchange server or Trend Spam Filter that I can block these?
0
Comment
Question by:initialit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 24

Expert Comment

by:Luciano Patrão
ID: 34879733
Hi

This means that your Exchange is an open relay.

So you need to set the Exchange to prevent being used as open relay.

Test you Exchange as open relay:

http://support.microsoft.com/kb/153119/en-us

Since you did not add the Exchange version, check this to fix

http://www.techrepublic.com/article/prevent-open-relays-on-exchange-server/6058582

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm

For understanding the open relay and permissions check this:

http://technet.microsoft.com/en-us/library/aa997170%28EXCHG.140%29.aspx

And also http://www.amset.info/exchange/smtp-openrelay.asp

Hope this can help

Jail
0
 
LVL 5

Accepted Solution

by:
LLMorrisson earned 2000 total points
ID: 34879818
If you are sure they are not coming from your or your clients own LAN or email servers then it sounds like you may not be using SPF (sender policy framework). SPF is infomation in DNS for the email domain which tells remote MX servers which IPs are authorised to send email for that domain.

If you enable this for your clients domain name it will reduce the spammers scope by only allowing him to connect to email servers which don't check SPF info.

From the Wiki on it (link below)....

Reasons to implement

If a domain publishes an SPF record, spammers and phishers are less likely to forge e-mails pretending to be from that domain, since the forged e-mails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF protected domain is less attractive to spammers and phishers. Since an SPF protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate e-mail from the domain is more likely to get through

http://en.wikipedia.org/wiki/Sender_Policy_Framework

You can ask your DNS admin to add the relevent TXT records in your clients public DNS.

Regards,
LLMorrisson.

0
 
LVL 44

Expert Comment

by:Amit
ID: 34880235
Check from what domain that email is coming. Block that domain in Trend Spam Filter.
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 

Author Comment

by:initialit
ID: 34880533
This is not coming from inside.

Its MS exchange 2003 SP2

The email is coming from random domains on the internet. Pretty much someone emails a bogus address, uses a users from address, then that user gets the bounce back.


Thanks
0
 
LVL 24

Expert Comment

by:Luciano Patrão
ID: 34880557
Hi

Like I said above, check the open relay from your Exchange Server

Jail
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34880679
The problem you are experiencing is typical spammer behaviour and there is little you can do to prevent this from happening, apart from setting up and SPF record and installing some good Anti-Spam software, such as Vamsoft ORF - www.vamsoft.com ($239 per server).

My article explains a little about SPF and what it can do and also has some other Anti-Spam techniques if you don't want to purchase 3rd party anti-spam software:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
LVL 10

Expert Comment

by:Abdulmalek_Hamsho
ID: 34882438
The above suggestions work if the sender realy uses your email server to send these messages, but the most common and easier way for the spammer is to use an anonymous email sender which can send in any email behalf, and you cannot do anything in this case except using the Junk Email filters, which can catch such messages.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question