Solved

Someone is spamming using my email address

Posted on 2011-02-12
7
487 Views
Last Modified: 2012-05-11
I have a client that is getting an unheard of amount of bounce backs. No of the emails are originating from inside but someone outside is using her email address as the from address in Microsoft Express. How can I stop all of these bounce backs.


Again I confirmed that the email is not being sent from inside my network, but the bounce backs are coming back to her email


is there something on the exchange server or Trend Spam Filter that I can block these?
0
Comment
Question by:initialit
7 Comments
 
LVL 22

Expert Comment

by:Luciano Patrão
Comment Utility
Hi

This means that your Exchange is an open relay.

So you need to set the Exchange to prevent being used as open relay.

Test you Exchange as open relay:

http://support.microsoft.com/kb/153119/en-us

Since you did not add the Exchange version, check this to fix

http://www.techrepublic.com/article/prevent-open-relays-on-exchange-server/6058582

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm

For understanding the open relay and permissions check this:

http://technet.microsoft.com/en-us/library/aa997170%28EXCHG.140%29.aspx

And also http://www.amset.info/exchange/smtp-openrelay.asp

Hope this can help

Jail
0
 
LVL 5

Accepted Solution

by:
LLMorrisson earned 500 total points
Comment Utility
If you are sure they are not coming from your or your clients own LAN or email servers then it sounds like you may not be using SPF (sender policy framework). SPF is infomation in DNS for the email domain which tells remote MX servers which IPs are authorised to send email for that domain.

If you enable this for your clients domain name it will reduce the spammers scope by only allowing him to connect to email servers which don't check SPF info.

From the Wiki on it (link below)....

Reasons to implement

If a domain publishes an SPF record, spammers and phishers are less likely to forge e-mails pretending to be from that domain, since the forged e-mails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF protected domain is less attractive to spammers and phishers. Since an SPF protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate e-mail from the domain is more likely to get through

http://en.wikipedia.org/wiki/Sender_Policy_Framework

You can ask your DNS admin to add the relevent TXT records in your clients public DNS.

Regards,
LLMorrisson.

0
 
LVL 41

Expert Comment

by:Amit
Comment Utility
Check from what domain that email is coming. Block that domain in Trend Spam Filter.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:initialit
Comment Utility
This is not coming from inside.

Its MS exchange 2003 SP2

The email is coming from random domains on the internet. Pretty much someone emails a bogus address, uses a users from address, then that user gets the bounce back.


Thanks
0
 
LVL 22

Expert Comment

by:Luciano Patrão
Comment Utility
Hi

Like I said above, check the open relay from your Exchange Server

Jail
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
The problem you are experiencing is typical spammer behaviour and there is little you can do to prevent this from happening, apart from setting up and SPF record and installing some good Anti-Spam software, such as Vamsoft ORF - www.vamsoft.com ($239 per server).

My article explains a little about SPF and what it can do and also has some other Anti-Spam techniques if you don't want to purchase 3rd party anti-spam software:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
LVL 10

Expert Comment

by:Abdulmalek_Hamsho
Comment Utility
The above suggestions work if the sender realy uses your email server to send these messages, but the most common and easier way for the spammer is to use an anonymous email sender which can send in any email behalf, and you cannot do anything in this case except using the Junk Email filters, which can catch such messages.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now