I’ve got an unusual problem and I can’t seem to find any information about it - I’d appreciate ANY help!!
Here’s the situation:
User X sent an email to company.com with two (normal) attachments
About 10 mins later, User Y sent an e-mail to company2.com with just text.
User X called me saying that company.com had sent him a reply wondering if he didn’t send him the wrong information,
what they actually got was USER Y’s E-MAIL with text at the top that was similar to this:
MAIL FROM:
RCPT TO:
RSET
This text is repeated over and over, with all valid users listed in the “FROM” field…
I checked the properties of both original pieces of e-mail, but there is nothing suspicious there.
We have very tight security in that our SMTP settings are locked down to only allow from our specific servers (by IP address.)
We also use MessageLabs service to reject any e-mail sent from “ourcompanyname.com” that doesn’t come from our specific IP…
I’ve opened a PMR, but haven’t gotten any real help yet other than USER Y might have a virus\worm…
However, our PC Support has been at the computers for BOTH user X and Y, and they haven’t been able to find anything!
We’re using McAfee VirusScan Enterprise 8.0.0
Can anyone please help me here??
Thanks so much!
-Molly