Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Mail being sent out under our domain name

Status
Not open for further replies.
suzebee

suzebee

IS-IT--Management
Aug 14, 2002
5
GB
It looks like someone is sending out malicious mail under our domain name.

I have double, treble checked and we are not being used as an open relay. But are receiving malicious mails being sent from users in our domain name and they definately haven't been sent by the users?

Any ideas please.

Cheers
 
Sort by date Sort by votes
There are several ways for a person with malicious intent to spoof your domainname. I assume you discovered the problem because of mails that didn't get to their addressee and were returned to the sender. You are not the sender but because your domainname is used the mails are returned to you.

The only way to find out who is using your domainname is to retrace the message to the computer from which it was sent. You can do this by checking the headers of the message to find the TCP/IP address of the original sender.

Hope this helps...

Robert.
 
Upvote 0 Downvote
Once I have their IP addresses what can I do? Is there anyway of reporting it?

I can get contact details from whois, and send the admin a mail??
 
Upvote 0 Downvote
Once you have their IP adresses you can contact their internetprovider because they know which IP-adresses they have given out at any time and to whom they have given them.

Mind you... not all internetproviders are eager to co-operate in such cases.

Good luck.

Robert.
 
Upvote 0 Downvote
Indeed as rvbrvb says a lot of establishments, especially if in far away countries will just ignore it

There is a really nice thread here on reporting abuse, for the odd bit of spam its not worth it but for something malicious its probably worth a few minutes of your time blasting off an abuse report to various bodies:

More here



----------------------->
 
Upvote 0 Downvote
Hi,

If the ISP dont cooperate. Send the incidents to mailabuse.com and get the ISP banned.
Then there is at least one less of them...

Make them act!
Or at least, hang them out here.

//Wibbe
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
883
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
1K
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
1K
Priyanka_Chauhan
Priyanka_Chauhan
BroBias
  • Locked
  • Question
mailbox databases dismounting frequently without followable reason
Replies
1
Views
1K
BroBias
BroBias
Trevor Gryffyn
  • Locked
  • Question
Removed Accepted Domain, now can't email that (now external) domain
Replies
2
Views
154
AdrianGates
AdrianGates

Part and Inventory Search

Sponsor

Back
Top