Hello everyone, I have a bit of a long winded question. I have a user that is getting emails dumped into her account that are not addressed to her. She has Outlook 2003 with no extra accounts setup besides her exchange account. I am running Exchange 2003 and Trend Micro SMB for spam and antivirus. I can't find where these addresses which arent legit addresses are being told to go to her inbox? These bad addresses are not listed in AD under aliases or in AD at all that I can find. And it only seems to be her, and when I got to her machine and look at the email and click on properties this no tab to look at the details of the header? I just took over here so I dont know how things were setup before but is there something leftover from another program or something that would be telling these emails to go through to her? I am sure there are a ton of details I left out but please point me in the right direction of things to check. Thanks
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Emails dumped into an account
- Thread starter billey100
- Start date
- Thread starter
- #3
But I have looked at every single user in my AD and what email addresses they have listed under the Email Addresses tab and no one has this email address that she is getting dumped. If she was a delegate wouldn't that email account have to exist in the first place some where in AD or ESM for it to get forwarded to her?
RichardHuang
Technical User
It could be the malware on her computer. Have you done the full virus scan on her PC?
- Thread starter
- #5
Thanks for the reply but no not a full scan I will do that now, she does have Trend Micro Client/Server Secutiy for SMB with real time scanning for both spyware and antivirus. But I will run a few extra things and run a full scan of the SMB and let you know.
Perhaps it was a mistype on your end, but to view the headers, you go to View and Options, not file and properties.
Also, her "real" address may be a BCC so you might only see the other addresses in the to field, not hers. So the e-mails get to her via BCC.
Are they coming from the Internet or internal?
R.Sobelman
Also, her "real" address may be a BCC so you might only see the other addresses in the to field, not hers. So the e-mails get to her via BCC.
Are they coming from the Internet or internal?
R.Sobelman
- Thread starter
- #7
They are coming in through the Internet, sorry about the headers i figured that out after i posted this morning, but from what i can tell in the header it doesn't look any different. Probably b/c they don't put BCC's in the header either. Thing I don't understand is my Trend Micro Quarantine has a bunch of emails in there addressed to this email address that sometimes gets dumped into hers. Does that mean that instead of rejecting the email becasuse there is no such address and kicking it back it is accepting them? Some of them must be addresses just to the invalid recipient and some must have her in the BCC. I don't see anywhere in trend micro where I can turn unknown reciepients on so that it bounces anything thats not in AD?
I don't know that you can set Trend to only accept for valid accounts. Even if you could, there are downsides. I'm not sure I understand when you say that email in the quarantine is getting dumped to her? I only run the Trend AV product, not the anti-spam version. When you say "my" Trend Quarantine, you mean for the entire company, or your personal quarantine? If it is your personal quarantine, then it may be that her personal settings are not the same and are allowing them through and yours are not.
R.Sobelman
R.Sobelman
- Thread starter
- #9
I didnt really type that clear enough, none of the emails that get caught in the quarantine ever make it past the quarantine on the server. I guess I am just saying that I have messages in there that are addressed to the same invalid email that is getting dumped into her outlook. So some addressed to the invalis email get caught and some go through but not to the invalid address, they go through to the valid user and are completely unrelated names? We don't have personal quarantines at all so it's not a personal setting I don't think.
- Thread starter
- #11
Yes it's really just spam from what I can tell but the main address is not addressed to her. When I say quarantine I mean my Spam Quarantine, I have a seperate location for virus quarantine although it's all run by the same program, I guess it's possible that she is in the BCC and that address is in the TO and I have no way of stopping it besides blocking the domain of the email in my spam filter?
- Thread starter
- #13
Thanks I am blocking them as they get to her, seems to be making a difference slowly. My defs are up to date as they are going to get, Trend Micro works really great and is simple to use but it doesn't have a ton of bells and whistles like some of the others. Like Symantec Brightmail or something like that has a invalid recipient tab that you can just kill it before it even gets to the exchange server.
- Status
Similar threads
- Locked
- Helpful tip
- Locked
- Question
- Locked
- Question
- Locked
- Question
