Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Email in inbox from unknown user apparently in my company????! Relay??

Status
Not open for further replies.
Cat1

Cat1

Technical User
Jul 14, 2002
73
GB
Hi,

I got in this morning and there was an email in my inbox - no content & blank subject, however the 'from' was apparently from a user in my company - but it wasn't!

Below is the email header:

Is someone relaying to our email server from the outside????

Microsoft Mail Internet Headers Version 2.0
Received: from ISP server ([x.x.x.x]) by email server.domain.mydomain.com with Microsoft SMTPSVC(5.0.2195.6713);
Wed, 5 Nov 2003 09:25:31 +0000
Received: from [137.69.221.141] (helo=localhost)
by ISP server with smtp (Exim 4.24)
id 1AHJsx-0005LI-A6
for me@mydomain.com; Wed, 05 Nov 2003 09:23:34 +0000
From: james@mydomain.com
To: me <me@mydomain.com>
Reply-To: james@mydomain.com
Date: Wed, 05 Nov 2003 09:23:34 +0000
Return-Path: james@mydomain.com
X-OriginalArrivalTime: 05 Nov 2003 09:25:31.0921 (UTC) FILETIME=[C2668010:01C3A37E]
 
Sort by date Sort by votes
Ah.

Nice.

Does that mean me or someone in my company is infected? or has our domain name been harvested from someone elses computer?
 
Upvote 0 Downvote
erm, not sure at the moment, we have the same problem here, Im busy looking into it (apart from doing 50 000 other things !)

Will keep you posted

Paul
 
Upvote 0 Downvote
Upvote 0 Downvote
Do you know if it is possible to block the SMTP engine from sending email to the exchange server? By authentication or other means?

I'm going nuts because someone on my domain has the virus...
 
Upvote 0 Downvote
Microsoft Mail Internet Headers Version 2.0
Received: from ISP server ([x.x.x.x]) by email server.domain.mydomain.com with Microsoft SMTPSVC(5.0.2195.6713);
Wed, 5 Nov 2003 09:25:31 +0000
Received: from [137.69.221.141] (helo=localhost)
by ISP server with smtp (Exim 4.24)
id 1AHJsx-0005LI-A6
for me@mydomain.com; Wed, 05 Nov 2003 09:23:34 +0000


Looks like it went from 137.69.221.141 to ISP server to server.domain.mydomain.com.

Is 137.69.221.141 on you local network?

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
3K
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
3K
microsGuy16
microsGuy16
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove &quot;✉&quot; icon when it appears in a subject title from a supplier
Replies
0
Views
3K
Brent Fletcher
Brent Fletcher
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
3K
Priyanka_Chauhan
Priyanka_Chauhan
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
3K
PatrickRoggers
PatrickRoggers

Part and Inventory Search

Sponsor

Back
Top