?
Solved

Unknown Email

Posted on 2013-11-29
7
Medium Priority
?
366 Views
Last Modified: 2014-01-07
Hi,

A client of mine is receiving a lot of emails from unknown@domain.local to their exchange mailboxes

I have checked and the exchange/smtp server and it's not set to logging as per some of the forum i've seen.

Any other ideas?

thanks
Ryan
0
Comment
Question by:ryank85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39685183
What do the messages actually say? It could simply be a spamming run, or an application that is sending out lots of messages. Not really enough to go on.

If you look at the headers, does that show the source as being external?

Simon.
0
 

Author Comment

by:ryank85
ID: 39685472
Hi Simon

The emails are blank, we can only see where the email has come from:-

These are the message headers.

Received: from domain.local (192.168.0.2) by SERVER.domain.local
 (192.168.0.2) with Microsoft SMTP Server id 8.3.298.1; Fri, 29 Nov 2013
 02:23:35 +0000
From: "Unknown@domain.local" <Unknown@domain.local>
Date: Fri, 29 Nov 2013 02:23:35 +0000
Subject:
Thread-Index: Ac7sqgG5VWOy/XkhRPenYqPNlMkRjQ==
Message-ID: <9b85a112-a7cf-415f-afe9-0ff6238f5fd6@Server.domain.local>
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 0a
X-MS-Exchange-Organization-AuthSource: Server.domain.local
X-MS-Has-Attach:
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39685798
That is coming off something internal.
How much of that header have you changed? Does it really say unknown? Does the second part match your internal domain, or is it really domain.local?

While I appreciate that you want to hide information, in this case it is actually making it hard to diagnose without knowing what is genuine and what has been changed.

For example, some APC software has @domain.local in there as default.

Simon.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ryank85
ID: 39689335
Hi Simon

The only thing that has been changed in the header is the 'domain' the actual name of the domain is the clients name. e.g clientname.local

thanks
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39692667
Something internal is doing it. I cannot really help you much more than that.
Could be a printer, scanner, script, something like that.
There isn't enough in the header to diagnose the source.

Simon.
0
 

Author Comment

by:ryank85
ID: 39697589
ok thanks for your help
0
 

Author Closing Comment

by:ryank85
ID: 39761712
no more emails received on this matter
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
New style of hardware planning for Microsoft Exchange server.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month8 days, 3 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question