We are running an in-house SBS 2011 single Exchange Server. One of my clients is suffering an enormous amount of spam (anything from 50 to 200 spam messages every day). No one else on our network seems to have too much of a problem. All of the spam seems to be flagged with SCL -1 indicating that it is internal but I have no luck in trying to track this down. I attach an example of two headers from spam messages followed by two headers from 'normal' valid messages for comparison. I have changed the name of our server to mail.fiction.co.uk and our legitimate user to be email@example.com . And changed a few names and numbers to protect the innocent. The rest is pretty much cut and pasted as it is. Can anyone help me determine what is going on here? Edited-Email-Headers.docx
Received: from nad-fb63e897ada (220.127.116.11)
Received: from kristina (77.xx.yyy.123)
What spam software you using on exchange ?