W
will~
Outlook 2003 (SP3), Exchange Server 2003 on Windows Server 2003 R2 standard
In Outlook, both 'Read receipt' and 'Delivery receipt' has been turned on.
A 'Delivered: Return Receipt' has been delivered to the inbox of a user (A).
-----------------
Your message
To: Jo Bloggs
Subject: RE: xxx
Sent: 08/02/2008 09:36
was delivered to the following recipient(s):
(e-mail address removed)
-----------------
It raises some concern as user inform me that an email has never been sent
to this business contact in recent weeks, and no email has ever been sent
with that subject title. Checking of the Journal Mailbox confirm this is
true.
The email header of the return receipt email was checked from the user's
machine. It appears to be generated from the business contact's company.
I.e. "From: Mailer-Daemon:ext.domainname.co.uk". Using Message Tracking
Center in Exchange System Manager, other previous genuine return receipts
from the same email address can be found.
Now the concern is how could the user receive a return receipt for an email
that has not been sent, but more worry about the content of that
inappropriate email the receipent (might) received and believe it was sent
from the user.
If someone (internal) has sent an email using the user (A)'s account, then
the outgoing email would still be logged in the journal mailbox, but this
could not be found. Is it possible that someone (external) could construct
an email, send it to "(e-mail address removed)" and got their email
software to believe it was originated from us?
Please could you advice how this could be investigated further? Many thanks
in advance,
In Outlook, both 'Read receipt' and 'Delivery receipt' has been turned on.
A 'Delivered: Return Receipt' has been delivered to the inbox of a user (A).
-----------------
Your message
To: Jo Bloggs
Subject: RE: xxx
Sent: 08/02/2008 09:36
was delivered to the following recipient(s):
(e-mail address removed)
-----------------
It raises some concern as user inform me that an email has never been sent
to this business contact in recent weeks, and no email has ever been sent
with that subject title. Checking of the Journal Mailbox confirm this is
true.
The email header of the return receipt email was checked from the user's
machine. It appears to be generated from the business contact's company.
I.e. "From: Mailer-Daemon:ext.domainname.co.uk". Using Message Tracking
Center in Exchange System Manager, other previous genuine return receipts
from the same email address can be found.
Now the concern is how could the user receive a return receipt for an email
that has not been sent, but more worry about the content of that
inappropriate email the receipent (might) received and believe it was sent
from the user.
If someone (internal) has sent an email using the user (A)'s account, then
the outgoing email would still be logged in the journal mailbox, but this
could not be found. Is it possible that someone (external) could construct
an email, send it to "(e-mail address removed)" and got their email
software to believe it was originated from us?
Please could you advice how this could be investigated further? Many thanks
in advance,