Weird Email Tracking: Possible Virus, Possibly SPAM?

From: pheidippides (paul_at_seismicom.net)
Date: 10/29/04

Next message: Susan: "Re: Messages Appear Late in Public Folders"
Previous message: Jonathan Reiser: "Messages Appear Late in Public Folders"
Next in thread: Lanwench [MVP - Exchange]: "Re: Weird Email Tracking: Possible Virus, Possibly SPAM?"
Reply: Lanwench [MVP - Exchange]: "Re: Weird Email Tracking: Possible Virus, Possibly SPAM?"
Messages sorted by: [ date ] [ thread ]

Date: Fri, 29 Oct 2004 15:48:40 -0700

ExAdmins:

A received a strange email today from the System Adminstrator, you know, one of those "messsage undeliverable" receipts. The weird part is she never sent an email out to the intended recipient.

here's how it plays out:
FROM: System Administrator
TO: Jane Jones
SUBJECT: Undeliverable: Re: Thanks :)

Your message did not reach some or all of the intended recipients.
Subject: Re: Thanks :)
Sent: 10/29/2004 1:52 PM
The following recipient(s) could not be reached:
shannon@fishfry.com on 10/29/2004 12:47 PM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
<hal.corp.fishfry.com #5.1.1>

I checked the virus logs for her computer account, we use SAV Corporate Edition v9. No recent entries indicating virus activity scanning her Outlook addressbook nor auto-propagating hidden emails.

Then I ran the message tracking tool. Bingo! A message bearing the same subject line to the same address was sent right around the time of this "undeliverable" timestamp. So I looked at the user's SENT ITEMS folder...nothing.

So the question remains. Just where did this email originate? If not from the user's mailbox, then how does it even register in Message Tracking? Is this a spoof? Is this a virus propagating itself?

so many questions, so little time to answer them....

pheidippides

Next message: Susan: "Re: Messages Appear Late in Public Folders"
Previous message: Jonathan Reiser: "Messages Appear Late in Public Folders"
Next in thread: Lanwench [MVP - Exchange]: "Re: Weird Email Tracking: Possible Virus, Possibly SPAM?"
Reply: Lanwench [MVP - Exchange]: "Re: Weird Email Tracking: Possible Virus, Possibly SPAM?"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Sendmail calling a script on inbound mail
... Visit Telindus Access Products & Surveillance Solutions at Cebit 2006, ... are not the intended recipient you are strictly prohibited from using, ... We use reasonable endeavours to virus scan all ...
(SunManagers)
SunSolve
... Is the online Sunsolve System Handbook available on cdrom / searchable ... This message is for the intended recipient only. ... We may monitor all Email communication through our ... We take reasonable precautions to ensure our Emails are virus free. ...
(SunManagers)
process not responding and not able to kill -9!!
... PID TSUPRILIM TSUPRI ... I'm not sure If I raised its scheduling priority it would respond to the ... are not the intended recipient you are strictly prohibited from using, ... We use reasonable endeavours to virus scan all ...
(SunManagers)
ld.so.1 false inking errors
... This is free software; see the source for copying conditions. ... are not the intended recipient you are strictly prohibited from using, ... We use reasonable endeavours to virus scan all ... e-mails leaving the Company but no warranty is given that this e-mail and any ...
(SunManagers)
DRAGON SOFT. WARNING! VIRUS ALERT!
... Some of them even can contain virus. ... Subject: E-mail account security warning. ... We warn you about some attacks on your e-mail account. ... Please pay attention to such e-mails, ...
(borland.public.delphi.thirdpartytools.general)