Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.

Is there a way to see where on the domain an e-mail originated? Is there a new virus I should know about?

So I checked my exchange server this morning ad it is trying to send out over 10,000 e-mail from an account "alert@bankofamerican.com", this is not an account on my server. I have relaying turned off, I have sender and recipient filtering turned on. I have even added that address as a blocked address and it is still adding new requests into the queue. How can i tell which computer ouf the 30 in our domain it is being generated on? Has anyone had an experience like this, I have Symantec Corp on each computer and I have checked that they are updating and scanning as scheduled and none show any problem. When i find the culprit computer what do I eliminate?

2 Answers

Relevance
  • Z
    Lv 6
    1 decade ago
    Favorite Answer

    turn the MTA loggin up under System Manager Server > Properties Diagnostic logging and you can get more info in the event viewer on the exchange server

    Source(s): MCSE
  • 1 decade ago

    You may need to check the full headers for the email - that will usually give you the originating IP address. You may also want to use a packet sniffer and see if you can find out which computer is putting out all that traffic. Of course, it very well could be the Exchange Server itself.

    Another question: Are those messages actually NDRs? You mentioned that all of the SAV installations seem to be functioning normally - does that also mean you have confirmed the definition files are up to date?

    I've linked to a blog that describes someone else who had very similar issues.

    Good luck!

Still have questions? Get your answers by asking now.