How can I find the source of email with malware in the attachments?
Posted on 2014-12-01
Every day different users on our domain receive email which contains malware. The senders seem to related: firstname.lastname@example.org or email@example.com. Sometimes, it's UPS or DHL or something else.
I am using Symantec Antivirus for Exchange and I am blocking all executables in all email, so I see quarantined emails left and right.
My question: is there a way to identify the actual source of these are coming from? Does this indicate that the problem is coming from one machine and that if we clean it this email will stop?
Thanks for your ideas and assistance.