Mysterious outbound email

Status
Not open for further replies.

Diblik

IS-IT--Management
Jan 30, 2001
25
US
An individual outside of our company claims they received an email from one of our employees. The employee did not send the message. No message in his Sent folder, nor was he even logged in the system when these messages were delivered. The employee is a trusted person. This has happened 3 times over the last two months, the emails have no content or subject matter but the recipient replied to each asking who are you and what do you want. Here is my question: How can I tell if these messages were sent from my server? and/or How can I test the validity of the messages received by the outside person. Any ideas would be helpful!
TIA
 
If the recipient views the headers in the original email (and hopefully forwards them to you), you should see which mailservers handled it. Assuming he's using Outlook, select 'View/Options'. The headers are in the large textbox. Tell him to copy to an email and forward.

You might be lucky, the 'imposter' might be doing this from home!!

Good luck :)
 
Thanks for the tip - but the text box is completely empty! (I've checked other messages and see what you mean) Is there a way to delete this info?
 
If the Internet Header text box is empty, the messages have not been passed through any SMTP or POP mail servers. Every server puts some identification header to the message. AFAIK the only time these headers would be blank is on direct mail transfers, e.g. between mailboxes on the same server or server to server through an x400 connector.
 
Would it be true that when you forward a message you lose the header info? (at least the parts from the original/previous message) The message(s) in question did pass thru our SMTP server for sure based on our employee responding to the inbound email asking him why he sent the email.
 
Hmmmm... I'm thinking virus/worm. Scan your user's machine with an up-to-date antivirus scanner.
-Steve
 
No virus on user's PC - checked and scanned with latest antivirus.
 
Diblik.
Yes, you do lose the headers when you forward a message. What you need is the recipient to copy & paste the headers from the original message into an e-mail to yourself or the supposed sender.

Chris
 
The headers from the recipient's email should give you the info you need.
I would also check the Exchange server tracking logs (if you have it enabled).
Then check the SMTP logs of the Exchange server and any other SMTP relays/gateways under your control. This should ascertain whether the emails were sent through your servers.
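
The header check suggested in the replies above, as an added example that is not part of the original thread: it walks the `Received:` chain of headers pasted by the recipient and reports whether any hop names one of your own servers. The sample headers, the hostnames, `ourcompany.example` and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample: headers as the outside recipient would paste them.
# All hostnames and addresses are placeholders (example.* / RFC 5737 ranges).
SAMPLE_HEADERS = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.10])
\tby mailstore.recipient.example with ESMTP id AAA111;
\tTue, 30 Jan 2001 10:15:02 -0500
Received: from dialup-77.isp.example (dialup-77.isp.example [203.0.113.77])
\tby mx.recipient.example with SMTP id BBB222;
\tTue, 30 Jan 2001 10:15:00 -0500
From: employee@ourcompany.example
To: someone@recipient.example
Subject:

"""

HOP_RE = re.compile(
    r"from\s+(?P<from_host>\S+)(?:\s+\((?P<from_info>[^)]*)\))?"
    r".*?\bby\s+(?P<by_host>\S+)", re.S)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_hops(raw_headers):
    """Return hops oldest-first; each server prepends its own Received line."""
    # Lines below the first server you trust are sender-supplied and can be
    # forged, so only the hops stamped by trusted servers are reliable.
    msg = message_from_string(raw_headers)
    hops = []
    for value in reversed(msg.get_all("Received") or []):
        m = HOP_RE.search(value)
        if not m:
            continue
        ip = IP_RE.search(m.group("from_info") or "")
        hops.append({"from": m.group("from_host").lower(),
                     "ip": ip.group(1) if ip else None,
                     "by": m.group("by_host").lower().rstrip(";")})
    return hops

def touched_our_servers(hops, our_suffix, our_ips=()):
    """True if any hop names a host under our domain or one of our IPs."""
    def ours(host):
        return host == our_suffix or host.endswith("." + our_suffix)
    return any(ours(h["from"]) or ours(h["by"]) or h["ip"] in our_ips
               for h in hops)

if __name__ == "__main__":
    hops = received_hops(SAMPLE_HEADERS)
    print(*hops, sep="\n")
    print("via our servers:", touched_our_servers(hops, "ourcompany.example"))
```

In the constructed sample the `From:` line claims the company's domain, yet no hop in the chain belongs to it, which is the pattern to compare against your own tracking and SMTP logs.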
 