Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Tue, 25 Mar 2008 11:27:01 -0700,    group: microsoft.public.exchange2000.admin        back       


Spoofing Attack    
One of the mailbox on E 2003 server is under spoofing attack. Someone is 
sending out spam using this mailbox email address and this user is getting 
hundreds of NDRs from other servers. How can I stop or drop these in coming 
NDRs?
date: Tue, 25 Mar 2008 11:27:01 -0700   author:   Sam

Re: Spoofing Attack    
NDR's from other server, so where exactly is the NDR coming from?  Have you 
checked the Internet Headers?  Is Recipient Filtering enabled on your 
Exchange 2003 Server?

-- 
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner


"Sam"  wrote in message 
news:CDE4B9F7-895A-46E2-BDE8-C9A7AD9C3FE8@microsoft.com...
> One of the mailbox on E 2003 server is under spoofing attack. Someone is
> sending out spam using this mailbox email address and this user is getting
> hundreds of NDRs from other servers. How can I stop or drop these in 
> coming
> NDRs?
date: Tue, 25 Mar 2008 18:52:07 -0400   author:   John Oliver, Jr. [MVP]

Re: Spoofing Attack    
It's coming from different servers. Recipient Filtering is checked and 
enabled in SMTP VS.

"John Oliver, Jr. [MVP]" wrote:

> NDR's from other server, so where exactly is the NDR coming from?  Have you 
> checked the Internet Headers?  Is Recipient Filtering enabled on your 
> Exchange 2003 Server?
> 
> -- 
> John Oliver, Jr
> MCSE, MCT, CCNA
> Exchange MVP 2008
> Microsoft Certified Partner
> 
> 
> "Sam"  wrote in message 
> news:CDE4B9F7-895A-46E2-BDE8-C9A7AD9C3FE8@microsoft.com...
> > One of the mailbox on E 2003 server is under spoofing attack. Someone is
> > sending out spam using this mailbox email address and this user is getting
> > hundreds of NDRs from other servers. How can I stop or drop these in 
> > coming
> > NDRs? 
> 
> 
>
date: Wed, 26 Mar 2008 08:47:04 -0700   author:   Sam

Re: Spoofing Attack    
Only real solution here is to get an appliance or service to perform an SPF 
lookup on the NDR and then either drop it or delete it.  Another solution 
you could use is changing the users email address.  If the user's address 
has been spoofed by a Spammer you could also try to figure out where these 
messages are coming from and try to shut it down.
-- 
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner

"Sam"  wrote in message 
news:5095BDD2-5992-4DFD-ACF6-3287B26C4706@microsoft.com...
> It's coming from different servers. Recipient Filtering is checked and
> enabled in SMTP VS.
>
> "John Oliver, Jr. [MVP]" wrote:
>
>> NDR's from other server, so where exactly is the NDR coming from?  Have 
>> you
>> checked the Internet Headers?  Is Recipient Filtering enabled on your
>> Exchange 2003 Server?
>>
>> -- 
>> John Oliver, Jr
>> MCSE, MCT, CCNA
>> Exchange MVP 2008
>> Microsoft Certified Partner
>>
>>
>> "Sam"  wrote in message
>> news:CDE4B9F7-895A-46E2-BDE8-C9A7AD9C3FE8@microsoft.com...
>> > One of the mailbox on E 2003 server is under spoofing attack. Someone 
>> > is
>> > sending out spam using this mailbox email address and this user is 
>> > getting
>> > hundreds of NDRs from other servers. How can I stop or drop these in
>> > coming
>> > NDRs?
>>
>>
>>
date: Wed, 26 Mar 2008 22:02:36 -0400   author:   John Oliver, Jr. [MVP]

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us