Microsoft
Software
Hardware
Network
Question : Exchange NDRs reports getting to the users mailboxes becasue spam
Scenario:
Exchange 2003 Ent (Cluster Active-Passive) Clients: Outlook 2003
Problem:
We have some users reporting that they have recevied NDRs letting them know that some of the messages they have sent our there have not being received.
This is cleary spam/email spoofing so that they can cause an DoS via NDR's. Also the NDR messages contains an HTML file attached that has a virus named by Symantec "JS.QsiFrame"
Here is what I think is going on
E-mail virus "X" is on Joe's computer. It harvests all of the e-mail addresses it can find (including yours). It picks one at random and "spoofs" that one as the sender address, thus ensuring Joe doesn't get suspicious seeing the spate of failure messages (because everybody has a bunch of "dead" addresses in their address book). You lucked out being picked as the spoofed address. You don't have a virus. Joe has a virus.
Questions:
1.) Does anyone know how can I get the number of NDR's that the Exchange server is sending out there? Any other suggestions on how to track this down?
2.) We are currently using Postini as the Enterprise Inbound Spam filter. Does anyone know how can we prevent this from happening again via Postini or any other methods (native to Exchange 2003 or Exchange 2007/2010)
Thank you
This is an automatically generated Delivery Status Notification. Delivery to the following recipients failed. {removed email address}
Answer : Exchange NDRs reports getting to the users mailboxes becasue spam
Hi
1. Go to ESM, SMTP virtual server properties, then Messages tab. put your email address in the box to get a copy of NDRs. Then you can see how many your dealing with. 2. I'm not up-to-speed with postini.
Random Solutions
What Rollup version is currently installed on Exchnage 2007
i have problem in c++ ofstream ?
Exchange 2010 GAL not Updating
Comparing records of more than two excel documents
Using more memory on x64 VM's
How do I make these graphical links also submit a form?
old xap
Crystal Reports in C# App built on 32 bit Windows throws error on 64 bit Windows
PHP & MSSQL - Problem with basic query not working...
Boxes not lining up in IE