[ragingmoon]

Folks,

One of the users on my network appears to have had his email address forged/spoofed. He received a spam email from his own email account, yet it did not appear in his sent items.

Any ideas on solutions or actions I need to take are greatly appreciated.

[calvin-c]

I doubt if there's anything you can do. If you're mad/determined enough you can contact the police (might be a crime under identity theft). You or they can try analyzing the headers to see where it really did come from, but be aware that often the first several headers are faked so it's a real trick to identify the real initial server-and even then you'd need to contact that server's management to get their cooperation in tracking down who actually sent the message.

And, just for more discouragement, after all that work you might end up with nothing more than an innocent party's computer that got infected with spam-sending malware. Then, to really find the culprit you'd need to track down the origination of that & that's an almost hopeless task.

[ragingmoon]

Quote:

Originally Posted by calvin-c

I doubt if there's anything you can do. If you're mad/determined enough you can contact the police (might be a crime under identity theft). You or they can try analyzing the headers to see where it really did come from, but be aware that often the first several headers are faked so it's a real trick to identify the real initial server-and even then you'd need to contact that server's management to get their cooperation in tracking down who actually sent the message.

And, just for more discouragement, after all that work you might end up with nothing more than an innocent party's computer that got infected with spam-sending malware. Then, to really find the culprit you'd need to track down the origination of that & that's an almost hopeless task.

Cheers man. I thought so. I was just a bit worried that they had somehow accessed the SMTP port to spoof the email account.

Thanks for your help.