I have two email domains set up on my Exchange 2010 infrastructure... @somecompany.com and @othercompany.com
@somecompany.com is being used at the moment.
@othercompany.com will be migrated to in time.
This morning I set up a new @othercompany.com mailbox.
The email address has not been given out and is not currently being used.
Within one hour, my anti virus solution was informing me that it was blocking spam emails sent to this new @othercompany.com email address.
My question is how the spammers have found the existence of this new mailbox so quickly, given that it is not being used and its details haven't been given out to anyone.
Am I compromised in some way?
The GAL for Outlook regenerates at 4am, so no one will have this mailbox in their OAB yet (although Terminal Server users hit the GAL directly and don't use the OAB - but I am sure that that is secure).
Any recommendations as to things I can investigate to try and figure this one out?
Thanks for reading.