Email Server issues


anonymo


So, I have a little issue with my work's email server and to tell you the truth I'm really not confident in the person in charge of our email server at our head office, so I am here to ask you fellers.

 

In the previous few days I have begun receiving 7-10 spam mailer-daemon return receipts for undeliverable email (that has my email address on them as the sender, but obviously I'm not sending them) every hour.

 

Could someone be using my email address (through our email server or some other way) to send out all their spam emails and these are just the ones that cannot be delivered?

 

Any help is appreciated.

Link to comment
Share on other sites

The thing to do is look at the email headers and see if the emails are coming from your email server's IP address or some other IP address. Odds are, these emails are just spoofing your name and email in the headers which results in their getting returned to you rather than the dirt bag who originally sent them.

Link to comment
Share on other sites

i was eavesdropping on a professor in the elevator. he was describing the same problem, but to the tune of about 300/hour, and i'm guessing it was from our school exchange server.

 

can you post the headers from more than one message?

Link to comment
Share on other sites

There are a couple of things you can try.

 

One, you should tell your inept email server admin to implement an SPF record in the DNS which will mostly prevent others from using your email address as a spoof. http://www.openspf.org/ This is a simple text file which can be generated from the site and dumped into a simple txt dns record.

 

You could set up a gmail email account and see if you can get all of your email forwarded to it. The gmail spam filters are the best.

I honestly do not understand why small companies want to run their own email server, especially when they are not sure what they are doing. Hosting email on godaddy's email service is probably the best bet for most everyone. Yeah, it costs something but the spam filters are as good as Google's yet you get 24/7 phone support if you need it. After that North Vietnamese kid used a gmail exploit and hacked my gmail account back in 2005, I've been using the godaddy email service ever since.

 

 

Heck jeronimoo, feel free to PM me the email server IP, your IP, and the full headers to one of those emails and I can tell you if it is coming from you or not.

Edited by ZeroDamage
Link to comment
Share on other sites
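An added example, not from the original post: how a receiving server evaluates the kind of SPF TXT record suggested above, limited to the ip4, ip6 and all terms. SPF is checked against the connecting IP and the envelope sender's domain, so a record that leaves out a legitimate relay makes that relay's mail fail too; the records, the IPs and the example.com scenario are constructed.

```python
import ipaddress

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(record, client_ip):
    """Evaluate the ip4/ip6/all terms of an SPF record against the IP that
    connected to the receiving server. Terms are tried left to right."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no usable SPF record published
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in RESULTS else ("+", term)
        name, _, arg = mech.lower().partition(":")
        if name == "all":
            return RESULTS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
            continue
        # a, mx, include, redirect and the rest need DNS lookups; out of scope here.
        raise ValueError(f"term not handled in this example: {term}")
    return "neutral"                       # nothing matched and no "all" term


# Constructed records for a hypothetical example.com (documentation IP ranges).
HEAD_OFFICE_ONLY = "v=spf1 ip4:192.0.2.25 -all"
WITH_ISP_RELAY = "v=spf1 ip4:192.0.2.25 ip4:198.51.100.0/28 -all"
ROLLOUT = "v=spf1 ip4:192.0.2.25 ~all"

HEAD_OFFICE_IP = "192.0.2.25"      # constructed: the company's own server
BRANCH_RELAY_IP = "198.51.100.14"  # constructed: an ISP relay a branch sends through
STRANGER_IP = "203.0.113.77"       # constructed: a host with no right to use the domain


def outcomes(record):
    """SPF result for each of the three constructed senders under one record."""
    senders = (("head_office", HEAD_OFFICE_IP), ("branch_relay", BRANCH_RELAY_IP),
               ("stranger", STRANGER_IP))
    return {name: spf_check(record, ip) for name, ip in senders}
```

Publishing the `~all` form first and watching which legitimate senders come back as softfail is a way to find forgotten relays before switching to `-all`.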

btw, for $50/year/user, you can get 24x7x365 google support on their hosted apps. imo, that's a no brainer. use the gmail interface, or pick it up by pop or imap with your favorite client.

 

but back to the issue, zd is on target, plus be sure you're not allowing relaying (unless your exchange server needs to support many domains), and be sure smtp auth is enabled. but like you said, they're probably just using your address as the reply-to, and having a field day. ain't life grand when your email gets posted to the interwebs?

Link to comment
Share on other sites

You could set up a gmail email account and see if you can get all of your email forwarded to it. The gmail spam filters are the best.

I honestly do not understand why small companies want to run their own email server, especially when they are not sure what they are doing. Hosting email on godaddy's email service is probably the best bet for most everyone. Yeah, it costs something but the spam filters are as good as Google's yet you get 24/7 phone support if you need it. After that North Vietnamese kid used a gmail exploit and hacked my gmail account back in 2005, I've been using the godaddy email service ever since.

 

 

I have Gmail and I agree with you... It's got the best spam filter, imo. I was debating to get a godaddy commercial account and after reading this thread, I'm getting one now.

 

Thanks!

Link to comment
Share on other sites

You could set up a gmail email account and see if you can get all of your email forwarded to it. The gmail spam filters are the best.

I honestly do not understand why small companies want to run their own email server, especially when they are not sure what they are doing. Hosting email on godaddy's email service is probably the best bet for most everyone. Yeah, it costs something but the spam filters are as good as Google's yet you get 24/7 phone support if you need it. After that North Vietnamese kid used a gmail exploit and hacked my gmail account back in 2005, I've been using the godaddy email service ever since.

 

 

I have Gmail and I agree with you... It's got the best spam filter, imo. I was debating to get a godaddy commercial account and after reading this thread, I'm getting one now.

 

Thanks!

 

uhm?

 

btw, for $50/year/user, you can get 24x7x365 google support on their hosted apps. imo, that's a no brainer. use the gmail interface, or pick it up by pop or imap with your favorite client.

 

but back to the issue, zd is on target, plus be sure you're not allowing relaying (unless your exchange server needs to support many domains), and be sure smtp auth is enabled. but like you said, they're probably just using your address as the reply-to, and having a field day. ain't life grand when your email gets posted to the interwebs?

 

$50/user/year comes out to less than $5/month/user. anyone can sign up for this, they'll even help you register a new domain or configure your current one.

 

STOP GIVING GODADDY MONIES!

Link to comment
Share on other sites

You could set up a gmail email account and see if you can get all of your email forwarded to it. The gmail spam filters are the best.

This depends on your industry - as an IT guy working at a pharma company, it would be a very BAD IDEA for me to forward work emails to gmail or any outside company.

Link to comment
Share on other sites

Thanks guys! That's all really helpful.

 

Considering our IT person calls me whenever there are hardware failures at the office and thinks running TheosWS is a secure way of entering orders...I have my work cut out for me. Sometimes I wish I had taken a 6 month networking course :( ...then again that would mean working at our head office with my German bosses breathing down my neck more than they already do...no thanks!

Link to comment
Share on other sites

  • 4 weeks later...

Ok, so here's what my inbox looks like today!

 

[Image: thisisridiculous2yo4.jpg]

 

Mmm...I'm about to schedule a technician to come and check my emails in an attempt to make my head office consider this an actual problem.

 

If it takes him 30 seconds to check each email then he'll be finished by the end of the week (about 75 hours, normal week for us).

 

So, my IT person was sick all last week, which is conveniently when the emails started pouring in. They aren't all unique emails, rather they are all repeats of the same 12 or so emails. This happened before and she did something about it. Now she's off sick it's happening again, so obviously she's actively stopping it from happening somehow.

 

Here's a header of a typical spam email (she set up some new spam checker, which conveniently flags real emails as Spam now...woohoo!)

 

Subject: Never agree to be a loser
From: "Tanisha Meier" <Tanisha@sih.com.hk>
Date: Sun, 06 Apr 2008 10:48:46 +0700
To: "Odessa Munson" <*********@frischkornav.com>
Received: from asquer.asso.fr ([117.47.79.238]) by ex984.blacksun.ca (8.13.1/8.13.1) with SMTP id m363mUOf027987 for <********@frischkornav.com>; Sat, 5 Apr 2008 21:48:34 -0600
Received: from 210.177.163.100 (HELO sun.sih.com.hk) by frischkornav.com with ESMTP ({nChar[8-12]} {nChar[4-6]}) id wecrJq-0f6xMO-Wi for *********@frischkornav.com; Sun, 06 Apr 2008 10:48:46 +0700
Message-ID: <042301c89799$1de422e0$c0a80102@Tanisha>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_1057_048B_01C897D3.CA42FAE0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1158
X-Antivirus: avast! (VPS 080405-1, 06/04/2008), Outbound message
X-Antivirus-Status: Clean
X-yoursite-MailScanner-Information: Please contact the ISP for more information
X-yoursite-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details
X-yoursite-MailScanner-From: lisa.feng@sih.com.hk

 

I removed my original email just in case. I'm going to mention this SPF dealy when she's back from being sick.

 

Also, these repeat emails don't make it to my Blackberry, just Thunderbird and no one else in the company is experiencing it afaik. I am the only location that uses a Bell SMTP server to bounce my emails out. Could that be the culprit? (good old port 25!)

Link to comment
Share on other sites
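An added example, not part of the original posts: the header check suggested earlier in the thread, run over the two Received lines posted above. It treats only the hop written by ex984.blacksun.ca as trustworthy (assumed here to be the receiving server) and uses the placeholder 192.0.2.25 for the company's own outbound IP; any Received line below the trusted hop is supplied by the sender and verifies nothing.

```python
import re
from email import message_from_string

# The From line and both Received lines from the headers above, copied as posted.
RAW = '''From: "Tanisha Meier" <Tanisha@sih.com.hk>
Received: from asquer.asso.fr ([117.47.79.238]) by ex984.blacksun.ca (8.13.1/8.13.1) with SMTP id m363mUOf027987 for <********@frischkornav.com>; Sat, 5 Apr 2008 21:48:34 -0600
Received: from 210.177.163.100 (HELO sun.sih.com.hk) by frischkornav.com with ESMTP ({nChar[8-12]} {nChar[4-6]}) id wecrJq-0f6xMO-Wi for *********@frischkornav.com; Sun, 06 Apr 2008 10:48:46 +0700

'''

TRUSTED_MTAS = {"ex984.blacksun.ca"}  # assumption: the inbound server you run
OWN_OUTBOUND_IPS = {"192.0.2.25"}     # placeholder for your server's real IP

HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.S)
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
TEMPLATE = re.compile(r"\{\w+\[[^\]]*\]\}")  # unexpanded mailer placeholder


def trace(raw):
    """Walk Received headers newest-first; a hop is trusted only while every
    hop above it was also written by a server we run."""
    hops, chain_trusted = [], True
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue
        peer = IPV4.search(value[:m.start(2)])  # IP in the "from" clause only
        chain_trusted = chain_trusted and m.group(2).lower() in TRUSTED_MTAS
        hops.append({
            "by": m.group(2).lower(),
            "peer_ip": peer.group(0) if peer else None,
            "trusted": chain_trusted,
            "template": bool(TEMPLATE.search(value)),
        })
    return hops


def report(raw):
    hops = trace(raw)
    trusted = [h for h in hops if h["trusted"]]
    # The peer seen by the last trusted hop is the only origin we can verify.
    origin = trusted[-1]["peer_ip"] if trusted else None
    return {
        "origin": origin,
        "sent_via_own_server": origin in OWN_OUTBOUND_IPS,
        "unverified_hops": [h["by"] for h in hops if not h["trusted"]],
        "template_residue": [h["by"] for h in hops if h["template"]],
    }
```

For a bounce, run the same trace over the headers of the original message when the bounce includes them.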
