Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

out of office reply from many unknown persons

Posted on 2014-01-06
7
Medium Priority
?
545 Views
Last Modified: 2014-03-09
Hello
During the holidays we received a lot of out of office mails.
Unfortunately there are many people we didn't have on our recipient lists.

Only real clients should become our emails, but lot of them forward those emails to other company's and users (although they are not allowed).

Can someone help me to understand how does the out of office replay finds a way back to our Mailbox?
We are using Windows Server 2008 R2, Exchange 2012 and Outlook 2007.
0
Comment
Question by:HelpdeskJBC
7 Comments
 
LVL 19

Expert Comment

by:Delphineous Silverwing
ID: 39763145
It is not uncommon for SPAMmers to use a spoofed e-mail address as the FROM on their outgoing junk mail.  In these cases, it is likely that a spammer used your e-mail address and you are getting the automatic replies as a result.

There isn't much you can do about it.
0
 
LVL 27

Expert Comment

by:Blue Street Tech
ID: 39763232
Hi HelpdeskJBC,

Are the OOO emails coming from your staff, fake internal addresses or just random addresses?

Have you diagnosed the headers?

Without knowing any details, I'd chalk it up to spam. You can use SPF records set to hard fail. What type of Anti-Spam Engine are you using?
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 39763600
This is spoofing as diverseit as responded.

How can you stop it? You can't.  You can however reduce it with your OOO messages.

Since you are using Outlook and exchange, if you set our OOO for external contacts, set it to only reply to "my contacts only".  By doing this, if a spammer is not in your address book, hey won't a response which helps validate your email address for them to spoof.

OOO Settings
0
WatchGuard Case Study: Museum of Flight

“With limited money and limited staffing, we didn’t have a lot of choices in terms of what we could do to bring efficiency. WatchGuard played a central part in changing that.” To provide strong, secure Wi-Fi access within the museum, Hunter chose to deploy WatchGuard’s AP120 APs.

 

Author Comment

by:HelpdeskJBC
ID: 39764299
Hello and thank you for the reply

the out of office messages are from real people some of them are also in contact with us but not on the distribution list for this kind of information we are getting the Out of Office reply from.
0
 

Author Comment

by:HelpdeskJBC
ID: 39764306
OOO is from outside other companies other people (20% known people, 100% known companies)


Lets say customer A has forwarded to a fried B and both of them are on holiday --> ooo
Why do we receive the ooo from friend B? is this possible during the forwarded email?

So for the Email Program on friend B it must look like that the Email from our side is addressed to B --> so it would be normal to send ooo to us?
normally ooo should go back to the forwarder Customer A?
0
 
LVL 27

Accepted Solution

by:
Blue Street Tech earned 2000 total points
ID: 39764389
This can happen for a number of reasons. Here are a few:

Outlook Client Rules.
OOO Rules...just like Outlook Client Rules there are OOO Rules.
Transport Rules

Any one of these can trigger and email to you if you are on one of their DGs. Hence you receiving an OOO for a recipient you never sent to. OOO responds to current sender - it doesn't matter who the email originated from.

Make sense?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month11 days, 16 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question