TheOfficeSlave
IS-IT--Management
I get notices for all virus and spam filtering that are quarantined, but some of the notices/Alerts look as though there are emails being caught, which are spoofing themselves (due to time of receipt-ex 2:30am)and they are looping themselves. Our exchange box will get between 20-30 emails all within a targeted minute and at multiple times during the night. All of the emails are for different email addresses, not specificly for one or another.
Some of the email addresses we are receiving, in the middle of the night, are from legitimate customers or clients that are not being allowed to come in, now even during business hours.
1) What might be causing this spoofing?
2) How do I stop it from looping itself (see below sample of the Alert)?
3) How can I possibly white list people but still filter the content for spam that are spoofing?
Example of just one Alert, which came in at 3:35am from an addressed spoofed (legit client) to one of our employees. There is a looping feature from this...why?
--------------------------------------------------------
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Some of the email addresses we are receiving, in the middle of the night, are from legitimate customers or clients that are not being allowed to come in, now even during business hours.
1) What might be causing this spoofing?
2) How do I stop it from looping itself (see below sample of the Alert)?
3) How can I possibly white list people but still filter the content for spam that are spoofing?
Example of just one Alert, which came in at 3:35am from an addressed spoofed (legit client) to one of our employees. There is a looping feature from this...why?
--------------------------------------------------------
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
Location of the message: budw/Deleted Items Sender of the message: GeoTrox@aol.com Subject of the message: Re: [Lsrboard] Board meeting next Wed.
The message was Quarantined
This was done due to the following Symantec AVF settings:
Policy: Standard
SubPolicy: Content SubPolicy
Rule: Spam Rule
