How to track down spoofed e-mails

A customer of mine is currently having someone sending out e-mail from
one or more 3rd party e-mail relay servers not related to his domain
where they're putting some made up or dictionary name in the reply to
field followed by his domain name.  Many times the person in the reply
to field doesn't even exist.  So when the message comes back, it gets
delivered to the postmaster account.

For the people that actually receive the e-mail, they think it came
from my customers domain, so he's getting a lot of nasty replies
asking to be taken off the list.

The 2003 Exchange server is also getting a lot of undeliverable
receipts due to this.

How can we track this spammer down or figure out what servers or open
relays they are using to get them to cease and desist?

I have read about the "Sender ID" technology in SP2 of Exchange Server
2003.  Is this something that would keep the e-mails from being
spoofed even if they were being sent from a totally different e-mail
server/relay?

Thanks way in advance!

Steve
0
steve8133 (14)
5/4/2006 12:49:15 PM
exchange.admin 57650 articles. 2 followers. Follow

1 Replies
283 Views

Similar Articles

[PageSpeed] 57

On Thu, 04 May 2006 12:49:15 GMT, Steve <steve@nospam.com> wrote:

>
>A customer of mine is currently having someone sending out e-mail from
>one or more 3rd party e-mail relay servers not related to his domain
>where they're putting some made up or dictionary name in the reply to
>field followed by his domain name.  Many times the person in the reply
>to field doesn't even exist.  So when the message comes back, it gets
>delivered to the postmaster account.

Use Recipient Filtering and filter against users who arent in Active
Directory. No need to accept mail for accounts that do not exist.
>
>For the people that actually receive the e-mail, they think it came
>from my customers domain, so he's getting a lot of nasty replies
>asking to be taken off the list.
There isnt much you can do about that. Sadly, even after all these
years, it doesnt take much to fool people.


>
>The 2003 Exchange server is also getting a lot of undeliverable
>receipts due to this.

>
>How can we track this spammer down or figure out what servers or open
>relays they are using to get them to cease and desist?

You could check the headers and report them to their ISP. Not that it
may amount to much.

>
>I have read about the "Sender ID" technology in SP2 of Exchange Server
>2003.  Is this something that would keep the e-mails from being
>spoofed even if they were being sent from a totally different e-mail
>server/relay?

It would help as long as the recipient domains were checking SenderID
records.

>
>Thanks way in advance!
>
>Steve
0
adavid (8731)
5/4/2006 1:19:00 PM
Reply:

Similar Artilces:

Not able to send or receive with windows mail.
I have set up windows mail but are not able to send or recveive mail i have this error msg come up was wondering if someone might have some ideas on how i fix this prob. Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'Windows Mail', Server: 'yahoo.com.au', Protocol: POP3, Port: 110, Secure(SSL): No, Error Number: 0x800CCC0F Thanks "Travnikk" <Travnikk@discussions.microsoft.com> wrote in message news:9D31924D-1B29-49C6-AB8...

New Mail Notification #9
Does anyone know how to get the New Mail Notification alert to work?? I have closely followed the instruction in the Tools ption etc, but it still does not appear. Is there a fix available? I am not even able to get the Alert Box to appearin the bottom right of the screen, although I do get a notification sound. Thanks for your help!!! Peter, London, UK If you're sure the feature is activated, it could be one of a few other problems. Here are a few articles in the Microsoft Knowledge Base, depending your other factors not mentioned in your post: http://support.microsoft.com/defaul...

How to Block a Newsgroup User With Vista Windows mail
Is there a way to block a newsgroup user or kill file with Vista windows mail.I could do this in outlook express. "Brian LD" <home@home.org> wrote in message news:FC2D55BC-0699-4625-BC53-317FDF9E8E42@microsoft.com... > Is there a way to block a newsgroup user or kill file with Vista windows > mail.I could do this in outlook express. Use a message rule, select a message from that sender>on the message menu>create rule from message>2nd box, select delete. -- Regards Steve. MS-MVP. MAIL. [DTS] UK. http://www.getsafeonline.org/ Right-...

can't delete mail from inbox...error message is..
outlook wont let me delete email messages from inbox the error message I keep receiving is "item could not be deleted. it was moved or already deleted, or access denied also sometimes i receive error message "the administrator has not set retention policies" ?? can anyone help ...

forwarding e-mail with pictures/attachments
When I receive an e-mail with a picture I can view it with no problem, but when I want to forward it the picture comes out blank. I tried to send it to my desktop, but they still come up blank. attachments seem to be ok, but not pictures. Do I have my e-mail set up wrong? No one else who use this computer has this problem but me. What do I have to check in order to find the problem. ...

"Automatically update e-mail addresses based on recipient policy"
Hello, Can someone please tell me How I can disable/enable the "Automatically update e-mail addresses based on recipient policy" on all users or contacts? We had a RUS issue and manually unchecked the box, now need put it back, really don't want to do that one by one for over 900 users. thanks a lot! CJ Hi, This script clear the contents os "msExchPoliciesExcluded" property for all AD. This set the checkbox ON. 1 - Change the domain name at line 07. 2 - Please try in lab first !!!! ++++++++++++++++++++++++++++++++++++++++++++++++ Const ADS_PROPERTY_CLEAR = 1 ...

Not able to send mail
Hi all - a customer called today and said they can't send mail. This SBS 2008 box is a week old and the only thing I have done since last week was add a cert to the domain "remote.mydomain.com" They want to use OWA and RWW so we purchased a cert from Godaddy and installed it last night. Additionally I went in to the host and added an "A" record for "remote.mydomain.com" My question is; would adding the A record screw this up if they already have an A record for "mail.mydomain.com"? Both A records point to the SBS box. If that didn...

How can I view e-mails before the attachment downloads?
When I receive a new e-mail with an attachment, it takes forever to open that e-mail. Can anyone please advise? It's frustrating to wait 5min. for one e-mail just to open. Thank you! "fRuStRaTeD" <fRuStRaTeD@discussions.microsoft.com> wrote in message news:9B7FCBB8-6B2E-4813-98C5-2BFEDB5CC17A@microsoft.com... > When I receive a new e-mail with an attachment, it takes forever to open > that > e-mail. Can anyone please advise? It's frustrating to wait 5min. for one > e-mail just to open. Attachments aren't some separate entity distin...

windows mail uitgaande email
sinds gisteren kan ik geen email meer verzenden met Windows Mail. Ik krijg de volgende foutmelding: Er is een onbekende fout opgetreden. Protocol: SMTP, Poort: 0, Beveiligd(SSL): Nee, Foutnummer: 0x800C013E. Kan iemand mij vertellen wat ik moet doen? The error message you got is very typical of interference caused by=20 an antivirus program. Which antivirus are you running? As a minimum, email scanning in the antivirus should be turned off, although that may not be sufficient to eliminate all bad effects. In a worst case scenario, your antivirus may need to be uninstalled. Email ...

How do I connect a mobile device (i.e. iPhone) via bluetooth
How do I connect a mobile device (i.e. iPhone) via bluetooth dcree77 wrote: > How do I connect a mobile device (i.e. iPhone) via bluetooth Read the manual for your iPhone to see how to configure its Bluetooth. Read the manual for your computer to see how to configure its Bluetooth. ...

Autoarchive to another Mail Folder
Hi, I want to be able to setup autoarchive to store the emails to another mail folder, in my case another imap folder -- as opposed to saving the archived mails in a local pst file. Is this possible? It does not seem like this is possible through the vanilla Outlook 2007 interface, but is this possible through a plugin or something? I am running Outlook 2007 SP1. tia, rouble I believe Outlook will only archive to a .pst file. -- Milly Staples [MVP - Outlook] Post all replies to the group to keep the discussion intact. ALWAYS post your Outlook version. How to ask a question: http://sup...

Problems : cannot open mail with attachments- Word, Excel etc
Problems : cannot open mail with attachments- Word, Excel etc from my Yahoo email accounts. I have a 733 MHZ PC with Windows ME. 192 RAM and 20 GB HD Recently I cannot open any attachments like Word or Excel received at my Yahoo email accounts. It says: "Internet Explorer cannot download.....from mail.yahoo.com Internet Explorer was not able to open this internet site" I have to forward to it my other email addresses in Outlook Express and then attempt to forward it...but before forwarding it I click on the attachment and it opens. Also every Word or Excel doc I open appears...

impossible d'envoyer de mail � AOL
gOOD MORNING Je ne peux envoyer de mail � des correspondants AOL Je re�ois d'AOL et le reste fonctionne correctement J'urilise Outlook 2002 Merci d'avance pour votre aide Sorry, this is an English language newsgroup... <jjfulgoni@eciconseils.com> wrote in message news:cpovfc$1nh$1@news.tiscali.fr... > gOOD MORNING > Je ne peux envoyer de mail � des correspondants AOL > > Je re�ois d'AOL et le reste fonctionne correctement > J'urilise Outlook 2002 > > Merci d'avance pour votre aide > jjfulgoni@eciconseils.com <jjfulgoni@eciconseils...

Tracking Expenses
HelloI am new to Money. I have MSB05 and do not know how to track expenses. I just strated a services business and want to track my office supplies, gas and some client dining expenses. How do I just write a check to my self ? ...

Local Exchange users not receiving mail
I've just loaded Exchange 2003 Server. We already had existing domain users in the domain so to create mailboxes for them I went into AD users and computers, selected the users object and right clicked on each user, selected Exchange tasks, then created each mailbox. That went very smoothly. However, no one is receiving email. They all send fine but do not receive. We do have a firewall and I have allowed SMTP and POP3 through the firewall. Presently we are not using Internet Email on the Exchange Server just internal email only. Can someone tell me why we can send locally...

How to prevent Internet Mail Service updating all receipients' email addresses
I've had to put another Exchange 5.5 server (ExchangeB) in my organization. We already have one Exchange 5.5 (ExchangeA). ExchangeA is having major problems and I'm looking at taking this offline. It currently acts as the bridgehead server and has the Internet Mail Service connected configured accordingly. Both Exchange servers have the same Home Site and are synchronizing and replicating between each other correctly. Mailboxes have successfully been migrated from ExchangeA to ExchangeB and the client machines are recognising this and re-configuring themselves accordingly when logging...

Printing cd covers and track lists.
It seems my basic question has beed asked but not really answered except with a link. So I'm going to try, maybe Mike and I can get an answer. I like using WMP, it's quick, easy with no bs involved. The really good part of it was the ability to print my covers from my photos along with the track lists for the compilationsI compile. After suffering a virus and having the system\cleaned, I guess WMP 11 was installed. I've now lost tha printing function I loved. I called Micro Soft and spoke to three different techs. It appears they didn't know about that function....

Perfmon tracks network link usage per user?
Is possible to view server network link utilisation per client or computer/IP on a workgroup, windows 2003? I need to track who is using most of the bandwith on the server. thanks. You might give this a go. http://www.wireshark.org/ -- Regards, Dave Patrick ....Please no email replies - reply in newsgroup. Microsoft Certified Professional Microsoft MVP [Windows] http://www.microsoft.com/protect "Tyler Durden"wrote: > Is possible to view server network link utilisation per client or > computer/IP on a > workgroup, windows 2003? I need...

Q: Deleting the last character from text fields in excel [Us@ cod@ to @-mail m@]
I have a bunch of text with a trailing blank. How can I get rid of them? In MS word there is the ^p to indicate the end of the line. Is there something like this in Excel? Thanks! Sam (Post your replies here. My e-mail is spam proofed unless you use a code) Hi, S.V. Short of going to VBA, have you tried to insert a helper column and use the trim function? HTH >-----Original Message----- >I have a bunch of text with a trailing blank. > >How can I get rid of them? > >In MS word there is the ^p to indicate the end of the line. > >Is there something like this...

Outlook crashes of an e-mail?
Hi, my Outlook always crashes because of an corrupt e-mail which has been on the top in my e-mail directory for two weeks now. I cant get rid of it. I can�t remove it the normal way because Outlook always freezes immediately when I start Outlook. Is there any other way to get rid of this actual e-mail?? Grateful for any advice. Borje Start Outlookin Safe mode and see if you can delete it now. When you say at the "top of my email directory' - do you mean inbox? outlook version? -- Milly Staples [MVP - Outlook] Post all replies to the group to keep the discussion intact. ...

Tracking Rental Properties
Does anyone out there use QB to track their rentals? I'm somewhat confused as to the best way to track each property. Best to use classes, items, jobs and get everything to track to a separate Schedule E? TIA - Dave ...

Tracking changes
I have an excel file that is password protected and will be shared by 5 people. I know that shared workbook and tracking changes doesn't work on a password protected file. Is there any other way of tracking changes made by 5 different people? You can't change the sheet protection in a shared workbook, but AFAIK you can share an Excel file that is password protected. Did you try it, and encounter some problems? tthomas@lcor.com wrote: > I have an excel file that is password protected and will > be shared by 5 people. I know that shared workbook and > tracking chang...

Outlook Connector
Hi, I have just installed the latest version of outlook connector (12.1) to use with my Windows live account on Outlook 2003. on a computer running Windows Vista Home Premium. I have the following error when trying to receive e-mail from my Yahoo account as well as the hotmail account. Task 'Yahoo -Sending' Reported error (0x8004010F): The operation Failed. An object could not be found Task 'Yahoo -Receiving Reported error (0x8004010F): The operation Failed. An object could not be found Task 'myname @ hotmail -Sending' Reported error (0x8004010F): The operation Fai...

HTML E-mail Blurry
I am attemting to send an HTML e-mail with Publisher 2003. When I preview the e-mail all the text is blurry. I've read previous posts and I do not have the setting (tools, options, web, send as JPEG") checked. Why is the text blurry and what can I do to send a professional looking e-mail. Thanks If you have read all the posts and replies, you should know the best way is to send the attachment as a pdf file. If you don't like the advice, don't be mad at the messenger. Mike TRM wrote: > I am attemting to send an HTML e-mail with Publisher 2003. When I preview the...

fetch mail in public folder
Hi all. I want to use a public folder to download a mail box, so that users of A.D. can view only all received email, without deleting one. For sending, only admin users will use a different Internet SMTP from their own outlook. Is it possibile? How to do - find docs for building it? Where can I put pop3 address and user/pass in public folder so that Exchange can download there the message and then share the public folder in the domain? System Win2000 server, A.D. mounted, PDC, Exchange2000 Thanks in advice, Marco ...