Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Someone is spamming using my email address

Posted on 2011-02-12
7
Medium Priority
?
504 Views
Last Modified: 2012-05-11
I have a client that is getting an unheard of amount of bounce backs. No of the emails are originating from inside but someone outside is using her email address as the from address in Microsoft Express. How can I stop all of these bounce backs.


Again I confirmed that the email is not being sent from inside my network, but the bounce backs are coming back to her email


is there something on the exchange server or Trend Spam Filter that I can block these?
0
Comment
Question by:initialit
7 Comments
 
LVL 24

Expert Comment

by:Luciano Patrão
ID: 34879733
Hi

This means that your Exchange is an open relay.

So you need to set the Exchange to prevent being used as open relay.

Test you Exchange as open relay:

http://support.microsoft.com/kb/153119/en-us

Since you did not add the Exchange version, check this to fix

http://www.techrepublic.com/article/prevent-open-relays-on-exchange-server/6058582

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm

For understanding the open relay and permissions check this:

http://technet.microsoft.com/en-us/library/aa997170%28EXCHG.140%29.aspx

And also http://www.amset.info/exchange/smtp-openrelay.asp

Hope this can help

Jail
0
 
LVL 5

Accepted Solution

by:
LLMorrisson earned 2000 total points
ID: 34879818
If you are sure they are not coming from your or your clients own LAN or email servers then it sounds like you may not be using SPF (sender policy framework). SPF is infomation in DNS for the email domain which tells remote MX servers which IPs are authorised to send email for that domain.

If you enable this for your clients domain name it will reduce the spammers scope by only allowing him to connect to email servers which don't check SPF info.

From the Wiki on it (link below)....

Reasons to implement

If a domain publishes an SPF record, spammers and phishers are less likely to forge e-mails pretending to be from that domain, since the forged e-mails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF protected domain is less attractive to spammers and phishers. Since an SPF protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate e-mail from the domain is more likely to get through

http://en.wikipedia.org/wiki/Sender_Policy_Framework

You can ask your DNS admin to add the relevent TXT records in your clients public DNS.

Regards,
LLMorrisson.

0
 
LVL 44

Expert Comment

by:Amit
ID: 34880235
Check from what domain that email is coming. Block that domain in Trend Spam Filter.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:initialit
ID: 34880533
This is not coming from inside.

Its MS exchange 2003 SP2

The email is coming from random domains on the internet. Pretty much someone emails a bogus address, uses a users from address, then that user gets the bounce back.


Thanks
0
 
LVL 24

Expert Comment

by:Luciano Patrão
ID: 34880557
Hi

Like I said above, check the open relay from your Exchange Server

Jail
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34880679
The problem you are experiencing is typical spammer behaviour and there is little you can do to prevent this from happening, apart from setting up and SPF record and installing some good Anti-Spam software, such as Vamsoft ORF - www.vamsoft.com ($239 per server).

My article explains a little about SPF and what it can do and also has some other Anti-Spam techniques if you don't want to purchase 3rd party anti-spam software:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
LVL 10

Expert Comment

by:Abdulmalek_Hamsho
ID: 34882438
The above suggestions work if the sender realy uses your email server to send these messages, but the most common and easier way for the spammer is to use an anonymous email sender which can send in any email behalf, and you cannot do anything in this case except using the Junk Email filters, which can catch such messages.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
how to add IIS SMTP to handle application/Scanner relays into office 365.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question