Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Getting replys from emails that haven't been sent???

Status
Not open for further replies.
fumper

fumper

Technical User
Sep 11, 2003
15
US
Hi All,

I am new to Exchange 2000 administration so please be kind...

Some, but not all of my users are getting replys from that the email they have sent contains a virus or the mail was undeliverable. My users tell me that they are not sending the emails, and I do believe them.

For example, jsmith@mycompany.com is getting emails from administrator@anothercompany.com that jsmith's email has viruses attached or saying the mail is undeliverable. The problem is that jsmith never sent an email to anyone at anothercompany.com.
I have run anti virus scans, (CA inoculate it, and also micro trend virus wall), but it does not find anything.

One of the VP's received a ton of these messages and now wants answers...

Can anyone please help?

Thanks in advance.
 
Sort by date Sort by votes
In Basic terms, someone gets infected with a virus. The Virus looks through that person's Address Book and begins to send out random emails using the email addresses in the Address Book. It randomly uses the email addresses in the From Field.
So this means that someone may get a virus which appears to have been sent by a user in your company. This does not mean it is your user who sent the email, simply someone who had that user's email address in their Address Book and got infected by a virus.



Claudius (What certifications??)
 
Upvote 0 Downvote
Sounds very much like one of the mass-mailer virii that appeared late last year. Mimail or sobig would use common aliases like jsmith@targetdomain.com in the spoofed from address.

 
Upvote 0 Downvote
Simply send the VP a link to Symantec's website and have him read some of the newest threats. Almost all of the new viruses are using random From and To addresses found in documents and addressbooks of an infected computer.

Make sure that no one on your network is infected with any virus or trojans. Is your Exchange server behind your firewall. If so, to be safe you should monitor your firewall for outgoing traffic when everyone is off the system. Look for any mail being sent out from your network and verify if is lagit. If you see emails being sent out when no one is working and there is no explanation, check for viruses and trojans on your servers. Make sure that your exchange box isn't being used as a relay.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher
IcarusHallsorts
  • Locked
  • Question
VBA to create output file of headers of selected emails
Replies
0
Views
1K
IcarusHallsorts
IcarusHallsorts
m245
  • Locked
  • Question
Adding a disclaimer for all outgoing emails in Exchange 2013 Standard Edition
Replies
0
Views
1K
m245
m245
david jackson
  • Locked
  • Question
Extract only the subject and recipients from a mailbox
Replies
0
Views
1K
david jackson
david jackson
Rupinder Kaur
  • Locked
  • Question
How do you delete time from activity in QuickBooks?
Replies
3
Views
149
strongm
strongm

Part and Inventory Search

Sponsor

Back
Top