troubleshooting Question


Avatar of Yba02
Yba02Flag for Saudi Arabia asked on
ExchangeOS Security
9 Comments2 Solutions556 ViewsLast Modified:
Somehow, an intruder, or a malware for that matter, managed to send loads of emails from my Exchange server.  Fortunately, no one got harmed; unfortunately, except us!
Our email security host stopped our account because all of those emails were sent to them first, before being declined delivery as the emails' addresses were bogus.  Below is the header of one of those emails, which I hope would tell part, if not all, of the story:

Received: from User ([]) by with Microsoft SMTPSVC(6.0.3790.1830);
Mon, 21 May 2012 15:55:19 +0300
Reply-To: <>
From: "Mrs. Faith Williams"<>
Subject: CAN I TRUST YOU?tst
Date: Mon, 21 May 2012 09:59:32 -0300
MIME-Version: 1.0
Content-Type: text/html;
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <>
X-OriginalArrivalTime: 21 May 2012 12:55:20.0097 (UTC) FILETIME=[FA5DB910:01CD3750]

I have a number of questions here:
1 – Does the header above tell anything as to how the attack was first launched?
2 – Can it be told whether the attack has originated from an infected client in the network or from Exchange server itself.
3 – Is there any technique in Exchange to stop such emails from being sent in the first place?

Kindly do not answer if you are not an expert and have sufficient knowledge in the matter.

Join our community to see this answer!
Unlock 2 Answers and 9 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros