Solved

Someone is spamming using my email address

Posted on 2011-02-12
7
488 Views
Last Modified: 2012-05-11
I have a client that is getting an unheard of amount of bounce backs. No of the emails are originating from inside but someone outside is using her email address as the from address in Microsoft Express. How can I stop all of these bounce backs.


Again I confirmed that the email is not being sent from inside my network, but the bounce backs are coming back to her email


is there something on the exchange server or Trend Spam Filter that I can block these?
0
Comment
Question by:initialit
7 Comments
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34879733
Hi

This means that your Exchange is an open relay.

So you need to set the Exchange to prevent being used as open relay.

Test you Exchange as open relay:

http://support.microsoft.com/kb/153119/en-us

Since you did not add the Exchange version, check this to fix

http://www.techrepublic.com/article/prevent-open-relays-on-exchange-server/6058582

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm

For understanding the open relay and permissions check this:

http://technet.microsoft.com/en-us/library/aa997170%28EXCHG.140%29.aspx

And also http://www.amset.info/exchange/smtp-openrelay.asp

Hope this can help

Jail
0
 
LVL 5

Accepted Solution

by:
LLMorrisson earned 500 total points
ID: 34879818
If you are sure they are not coming from your or your clients own LAN or email servers then it sounds like you may not be using SPF (sender policy framework). SPF is infomation in DNS for the email domain which tells remote MX servers which IPs are authorised to send email for that domain.

If you enable this for your clients domain name it will reduce the spammers scope by only allowing him to connect to email servers which don't check SPF info.

From the Wiki on it (link below)....

Reasons to implement

If a domain publishes an SPF record, spammers and phishers are less likely to forge e-mails pretending to be from that domain, since the forged e-mails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF protected domain is less attractive to spammers and phishers. Since an SPF protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate e-mail from the domain is more likely to get through

http://en.wikipedia.org/wiki/Sender_Policy_Framework

You can ask your DNS admin to add the relevent TXT records in your clients public DNS.

Regards,
LLMorrisson.

0
 
LVL 42

Expert Comment

by:Amit
ID: 34880235
Check from what domain that email is coming. Block that domain in Trend Spam Filter.
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 

Author Comment

by:initialit
ID: 34880533
This is not coming from inside.

Its MS exchange 2003 SP2

The email is coming from random domains on the internet. Pretty much someone emails a bogus address, uses a users from address, then that user gets the bounce back.


Thanks
0
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34880557
Hi

Like I said above, check the open relay from your Exchange Server

Jail
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34880679
The problem you are experiencing is typical spammer behaviour and there is little you can do to prevent this from happening, apart from setting up and SPF record and installing some good Anti-Spam software, such as Vamsoft ORF - www.vamsoft.com ($239 per server).

My article explains a little about SPF and what it can do and also has some other Anti-Spam techniques if you don't want to purchase 3rd party anti-spam software:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
LVL 10

Expert Comment

by:Abdulmalek_Hamsho
ID: 34882438
The above suggestions work if the sender realy uses your email server to send these messages, but the most common and easier way for the spammer is to use an anonymous email sender which can send in any email behalf, and you cannot do anything in this case except using the Junk Email filters, which can catch such messages.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now