Messaging Gateway

 View Only

  • 1.  Configuration Problem?

    Posted Jul 07, 2009 01:44 PM
    Hi, friends:
    since a week ago, in my job we've detected problems with spam, the problem i'm going to try to explain:
    first my mail account is, jperez@xmydomain.com.xx (my name is, juan perez)
    in my mailbox i recieve mails as the next description:  "unknow name" (jperez@xxxx.xxx.xx), this case has been reported by 4 users into my network, the IT team proceed with the update of S.O. and antivirus, then i scan all the pc's with problem, but i didn´t find nothing, i talk with my symantec brightmail gateway support in my city, but they said that is a virus problem, i suspect of the apliance configuration, please i ask help for resolve this terrible problem.

    i copy the headers of one of the mails that i received.

    Microsoft Mail Internet Headers Version 2.0
    Received: from sms.mydomain.xxx.xx ([172.21.5.2]) by correo.mydomain.xxx.xx with Microsoft SMTPSVC(6.0.3790.3959);
    Tue, 7 Jul 2009 09:18:37 -0500
    X-AuditID: ac150502-b7be2ae000007d36-85-4a5358d86c30
    Received: from [123.199.94.11] (Unknown_Domain [123.199.94.11])
    by sms.sms.mydomain.xxx.xx (Symantec Brightmail Gateway) with SMTP id E7.6A.32054.9D8535A4; Tue, 7 Jul 2009 09:16:59 -0500 (COT)
    Content-type: text/html; charset="iso-8859-1"
    MIME-Version: 1.0
    Message-ID: <4622KQ.382266B7.8971310055387TBGDPXXEIAGLSEX365@[123.199.94.11]>
    Date: Tue, 7 Jul 2009 23:18:35 +0900
    From: "Felisha Cahefuvo" <jperez@xmydomain.com.xx>
    To: jperez@xmydomain.com.xx
    Subject: Responsible committee invitation
    X-Brightmail-Tracker: AAAAAQAAAAQ=
    Return-Path: jperez@xmydomain.com.xx
    X-OriginalArrivalTime: 07 Jul 2009 14:18:37.0273 (UTC) FILETIME=[D1968490:01C9FF0D]

    Sorry for my english.

    Greetings



  • 2.  RE: Configuration Problem?

    Posted Jul 07, 2009 03:42 PM
    It looks like you have whoever the sender is on your allow list.

    Are you saying that you want this mail, of that you do not want it?


  • 3.  RE: Configuration Problem?

    Posted Jul 07, 2009 03:50 PM
    i sent spam, since my email account.


  • 4.  RE: Configuration Problem?

    Posted Jul 07, 2009 04:27 PM
    So if I am understanding you correctly, you are getting spam to your inbox that says it is from you?

    We see this quite often with what is called "Spoofed" mail. Or mail that says it is coming from somwehere that it isn't. This does not necessarily mean that you have a virus. It is very easy to spoof a from address in an email.

    One thing that many people do is block inbound email that is from your domain as long as this is possible. If you only have mail for your domain being transferred internally and not from external sources, you should be ok to do this. Since you have yourself on the allow list, all inbound mail that says it is coming from you will be alowed instead of filtered.

    I hope this helps.
    -Tom


  • 5.  RE: Configuration Problem?

    Posted Jul 07, 2009 04:40 PM
    So. a good configuration of the modes Inbound and Outbond into the symantec brightmail gateway could it resolvethe problem?


  • 6.  RE: Configuration Problem?

    Posted Jul 07, 2009 04:57 PM
    I'm sorry, I believe I may be misunderstanding you. It might be best for you to give a call to support again if the issue you are seeing is continuing. Although it is possible for you to have a virus, I do not believe this to be the case if I understand the situation you are explaining.

    Thank you!
    Tom