Spoofed Email address
I am running Exchange Server 2007 SP1 in our small environment.
Over the last couple of days, I have received a large number of NDR's, all of which are messages I did not send. This leads me to believe someone has spoofed my email address and is using it.I have tried to look at the headers to determine where the message originated.There seem to be several different IP's. Is there a way to stop this?It would be devastating to change my email address as it is a business address.
April 15th, 2008 6:29pm
I have a few users whose email addresses have also been spoofed and are being used to send out spam. They have been receiving many NDRs due to this. One option is to collect at your perimeter server (or filtering server) any NDR that comes intoa particular address and quarantine it. Then it can be looked at only when needed to see if there are any legit NDRs needed. Or it can be done locally also by creating a client rule and a folder to send these emails into so that they can either be automatically deleted or reviewed. this is a difficult situation as really the best means to completely stop it for this address for the time being would be to change the email address, which sometimes just is not an option.
Hope this at least gives you some ideas of how to handle them.
Free Windows Admin Tool Kit Click here and download it now
April 15th, 2008 10:20pm