Unexplain-able Undeliverable messages being generated

Hi,

I have an odd situation where I can't figure out where "Undeliverable"
messages are being generated in a shared mailbox.

My setup. A SBS 2003 server with a single domain, 3rd party service where
all mail for domain is sent to and scanned for virus and spam(viruses are
dropped, spam is forwarded to spam@xxxxxxxxxx), firewall only accepts SMTP
from 3rd party then delivers to server. This is still working and had been
working great up until a couple weeks ago when the amount of spam started
increasing by an incredible multitude. While I don't care about the
increased level of spam that's being forwarded through by 3rd party service,
it could be related to this issue. An account on the server is setup with
the name spam and the box is shared to 2 users, where 1 of them checks the
spam box for legitimate email that got through.

The issue exists in that spam box where now it's not just spam, but there
are messages from "System Administraor" with subject "Undeliverable:
whatever the subject is", with the option to send again and since it's not a
delivered message there's no header. The person checking the spam is not
replying, so how is it that it appears that there is a delivery failure?

I've check the account spam and no auto-reply is setup. I also enabled a
feature with the 3rd party to modify the subject on spam messages so I could
make sure the "Undeliverables" were really being generated internally, and
sure enought the "Undeliverables" do not have a modified subject. I thought
a PC on the LAN may have spyware that's doing this, but how would the
spyware know to send messages on behalf of their spam account, because no
one else in the domain is getting the undeliverables in their boxes. I also
don't see any of these messages being in the delayed SMTP queues.

Please help!

Thanks,
Mike


.

Relevant Pages

  • My fault or just Spam
    ... I've fairly recently setup a mail server to: ... If said emails are just spam, ... gives me a reason to learn how to setup a spam filter and/or tarpit. ... So then I think maybe it's my fault. ...
    (freebsd-questions)
  • Re: OT - has my email domain been hijacked?
    ... > Some people consider the darndest things to be ham or spam. ... > a) Setup an IMAP server on your machine that is NOT outside accessible, ... > b) I grab ham samples from various mail sorts in my OE setup. ... > 13) You MUST have a trusted mail server somewhere in your chain. ...
    (Fedora)
  • Re: pop3 connector less than 15 mins?
    ... here are some of the features of Mdaemon I like that either Exchange ... I can setup infinite domains. ... SPAM filtering. ... > directly through SMTP from the sending server to the receiving server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Unexplain-able Undeliverable messages being generated
    ... These are just another form of Spam ... Run Microsoft Exchange Server Best Practices Analyzer Today ... > from 3rd party then delivers to server. ... and sure enought the "Undeliverables" do not have a modified ...
    (microsoft.public.exchange2000.general)
  • Re: email spoof or relaying.
    ... Spam *fakes* the return address by using some other address it either ... The Spam is probably using the person's address in the From Field as the ... > undeliverables sent throughout the weekend. ... > the client machine, don't you think? ...
    (microsoft.public.windows.server.sbs)
Loading