Internal email message gets sent to unknown recipient outside the company
Posted on 2013-06-20
This is a very weird situation. This is a Microsoft Exchange Server 2003 Small Business server with Microsoft Outlook 2007 clients. There are five employees. Employee A sent an email to the other four people with a nice quote to start the day. A few days later, Employee A got an email from an unknown person at a reputable consulting company saying thanks for the kind words. Employee A didn't know who this person was.
When we look at the email in her sent items which was sent at 7:39am on Tuesday, only the four employees are in the To line and no one is CC's or Bcc'd. The response from the unknown party included the original message and it has the same date and time but this person's email address is included as a fifth recipient. I double checked Employee A's sent items and this unknown person is NOT on the To: list.
Message tracking was not turned on with this server. Ugh. I checked everyone's rules and there are no auto-forwarding rules ... actually no rules of any sort. I am at a loss as to how this person magically became a recipient when the original email doesn't include her at all. There is anti-malware on all clients and the server. The server checks out fine