This is an example of spam that either comes from firstname.lastname@example.org or is to email@example.com
I have a spam rule for spoofed addresses in ESET ENOD32 for Exchange and it does not get tripped.
There must be a way to see the "real" information- how does it know to send this to a firstname.lastname@example.org??? Who is it really from???
99.9% of the fictitious email@example.com contain a virus and is caught before it gets to the user. This one was clean, so it got through.
We do NOT have the Exchange Edge role installed.
Received: from sendmail-reverseproxy.ourdomain.com (192.168.0.6) by exchange2007SP3.ourdomain.com
(192.168.0.5) with Microsoft SMTP Server (TLS) id 220.127.116.11; Tue, 13 Dec 2011
Received: from [18.104.22.168] ([22.214.171.124]) by sendmail-reverseproxy.ourdomain.com
(8.13.8/8.13.8) with ESMTP id pBDE0NZK030057; Tue, 13 Dec 2011 09:00:25 -0500
(EST) (envelope-from ReeseBirkenholz@eventlive.fr)
Received: from [126.96.36.199] (account firstname.lastname@example.org HELO ourdomain.com)
by ourdomain.com (CommuniGate Pro SMTP 5.4.0) with ESMTPA id 450891943 for
<email@example.com>; Tue, 13 Dec 2011 07:19:22 +0700
Subject: Fwd: Re: Order K01040688
Date: Tue, 13 Dec 2011 07:19:22 +0700
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3264
X-EsetResult: clean, is OK