Guys, we have a constant SPAMMING issue, where someone within the organisation is spamming our mail server (its been ongoing for weeks now)
I have looked inside the header of the spam email and found the following
Received: from User by nepeaneng.com.au
with ESMTP id md50002621363.msg
for <firstname.lastname@example.org>; Wed, 02 Mar 2011 15:19:01 +1100
Reply-To: <barclaysfundtra @aol.com>
From: "Firdous Amin"<email@example.com>
Date: Tue, 1 Mar 2011 23:19:00 -0800
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Authenticated-Sender: firstname.lastname@example.orgX-Spam-Processed: mail.nepeaneng.com.au, Wed, 02 Mar 2011 15:19:01 +1100
The valid account here is email@example.com. I found his computer and turned it off. Still the spamming continues. How do I rid myself of this nuisence? If thats the email that it is using to drop its payload, why is it when I kill his local lan access, the spamming persists?
firstname.lastname@example.org is the email sender that is spoofing
Any help would be appreciated.