-
- Novice
- Posts: 5
- Liked: never
- Joined: Oct 12, 2013 9:04 pm
- Full Name: D C
- Contact:
SPAMM
Hello,
Why am i getting (spamm) emails from your company with this message:
"This is test e-mail message sent by Veeam Backup & Replication."
Sent by my own domain from "alertas @ dinis . pt" to "dinis @ dinis . pt"
Why am i getting this emails so often and why from my own domain
Why am i getting (spamm) emails from your company with this message:
"This is test e-mail message sent by Veeam Backup & Replication."
Sent by my own domain from "alertas @ dinis . pt" to "dinis @ dinis . pt"
Why am i getting this emails so often and why from my own domain
-
- VP, Product Management
- Posts: 27377
- Liked: 2802 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: SPAMM
Hello,
Do you have global email notification settings configured (main menu -> options -> email settings)? Might be a silly guess, but could someone in your organization be "playing" with these settings?
Thank you!
Do you have global email notification settings configured (main menu -> options -> email settings)? Might be a silly guess, but could someone in your organization be "playing" with these settings?
Thank you!
-
- VP, Product Management
- Posts: 27377
- Liked: 2802 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: SPAMM
Hmm...is this the only backup server installed in your VI? Actually, this is the first time I hear about this behavior... do you see any mentioning of email notifications in the Veeam backup shell log? If you need an assistance with logs review, you can contact our technical support team directly.
-
- Novice
- Posts: 5
- Liked: never
- Joined: Oct 12, 2013 9:04 pm
- Full Name: D C
- Contact:
Re: SPAMM
I dont have, or ever had, any service from this company, why are you asking me for logs....
I just want to know who sent those emails, i meant, who programmed them to be sent, or whatever, and why/how from my own domain.
Will just add your company keywords to several spamm centers until i get a proper reply to know why am i getting this emails
I just want to know who sent those emails, i meant, who programmed them to be sent, or whatever, and why/how from my own domain.
Will just add your company keywords to several spamm centers until i get a proper reply to know why am i getting this emails
-
- VP, Product Management
- Posts: 27377
- Liked: 2802 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: SPAMM
Don't get me wrong, but the format of the email in your original post shows that this email was sent by the backup server installed in your environment, that is why I wanted to check logs to see what is going on. I would suggest reviewing Exchange server trace information to determine the IP address of this server and then verify its notification configuration. Hope this makes sense.
-
- VP, Product Management
- Posts: 27377
- Liked: 2802 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: SPAMM
I believe these links should be a good place to start, please look them through:
http://social.technet.microsoft.com/For ... svrclients
http://whatismyipaddress.com/trace-email
http://social.technet.microsoft.com/For ... svrclients
http://whatismyipaddress.com/trace-email
-
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: SPAMM
D C,
Just a quick note - good place to start your investigation are message headers ( go to Outlook > open an email report you got > message options > Internet Headers ). Thank you.
Just a quick note - good place to start your investigation are message headers ( go to Outlook > open an email report you got > message options > Internet Headers ). Thank you.
-
- Novice
- Posts: 5
- Liked: never
- Joined: Oct 12, 2013 9:04 pm
- Full Name: D C
- Contact:
Re: SPAMM
Thank you, im 100% sure its not installed on my machine, headers said the ip is located very far away from me, what i need to know is for whoever installed it, what he needed to know about my domain to install it?
What can i do to remove his access?
Thanks in advance
What can i do to remove his access?
Thanks in advance
-
- VP, Product Management
- Posts: 27377
- Liked: 2802 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: SPAMM
Do you see the account that was used to send you the email? You can block this account in the AD and then contact this person for further investigation.
-
- Veteran
- Posts: 366
- Liked: 24 times
- Joined: May 01, 2013 9:54 pm
- Full Name: Julien
- Contact:
Re: SPAMM
i really wouldnt call this spam, however someone from inside your organisation install it and it sending the emails to the sppecifice email adress or group that been configured there.
open the headed email, tracerout the email to know from which machine does it comes.
open the headed email, tracerout the email to know from which machine does it comes.
-
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: SPAMM
D C,
I suggest you looking into AntiSpam solutions and DNS spamlists to be implemented into your exchange. By the way - a good practice is to create an SPF record for your domain.
Unfortunately, there is no way to prevent you from getting SPAM from the recipient who pretends to be an email user of your domain. It is a global email issue – any SMTP server with no authentication (and that could be open source email hosting) will send an email to any valid recipient. Hopefully one day all open source SMTP servers would use authentication.Thank you, im 100% sure its not installed on my machine, headers said the ip is located very far away from me, what i need to know is for whoever installed it, what he needed to know about my domain to install it?
I suggest you looking into AntiSpam solutions and DNS spamlists to be implemented into your exchange. By the way - a good practice is to create an SPF record for your domain.
-
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: SPAMM
SPF record would work better as it would actually mark IP addresses responsible for the company’s domain email delivery, without additional costs, but unfortunately that would not save company email users from getting multiple bounce back notifications in case email would be spoofed...
-
- Expert
- Posts: 214
- Liked: 61 times
- Joined: Feb 18, 2013 10:45 am
- Full Name: Stan G
- Contact:
Re: SPAMM
Offcourse there is, SPF records are used exactly for this!d.popov wrote: Unfortunately, there is no way to prevent you from getting SPAM from the recipient who pretends to be an email user of your domain.
The main goal, is using exchange tracking to see if the messages comes from inside the organization or outside.
-
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: SPAMM
ITP-Stan,
As I mentioned before - creation of the SPF would only save your domain being spoofed. The funny thing is that original recipient would not get spam message send on behalf of your domain because of the SPF record preventing your domain being spoofed but your domain mailboxes would get bounce backs each time such spam message is rejected. Some spam bots are actually using this scenario to deliver spam in bounce back messages.
For tracking purposes - mail headers in outlook or exchange server tracking could be used.
As I mentioned before - creation of the SPF would only save your domain being spoofed. The funny thing is that original recipient would not get spam message send on behalf of your domain because of the SPF record preventing your domain being spoofed but your domain mailboxes would get bounce backs each time such spam message is rejected. Some spam bots are actually using this scenario to deliver spam in bounce back messages.
For tracking purposes - mail headers in outlook or exchange server tracking could be used.
-
- Expert
- Posts: 214
- Liked: 61 times
- Joined: Feb 18, 2013 10:45 am
- Full Name: Stan G
- Contact:
Re: SPAMM
That's wrong.
You won't get many (or almost non) bounce messages, because almost all mailservers will close the connection and don't accept the message when the SPF record doesn't allow the sender IP to use the domain. Or they do accept it but don't send bounces when the SPF fails.
So no bounces are send. Mailservers who don't follow these rules quickly end up on blacklists, so you can be sure that 99% of them follows these rules.
One thing that you must take into account for a Microsoft AD, if your internal and external domain are the same, you need to define the SPF record on your internal DNS as well.
You won't get many (or almost non) bounce messages, because almost all mailservers will close the connection and don't accept the message when the SPF record doesn't allow the sender IP to use the domain. Or they do accept it but don't send bounces when the SPF fails.
So no bounces are send. Mailservers who don't follow these rules quickly end up on blacklists, so you can be sure that 99% of them follows these rules.
One thing that you must take into account for a Microsoft AD, if your internal and external domain are the same, you need to define the SPF record on your internal DNS as well.
-
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: SPAMM
ITP-Stan,
Sounds good, but it seems this conversation went too far from the original poster's question. If you have any Veeam B&R related questions I would gladly help you with them. Thank you!
Sounds good, but it seems this conversation went too far from the original poster's question. If you have any Veeam B&R related questions I would gladly help you with them. Thank you!
Who is online
Users browsing this forum: Regnor, Semrush [Bot] and 75 guests