RE: How'd they do that?

  • From: Andrea Coppini <AndreaCoppini@xxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 15 Jul 2002 12:51:51 +0200

Could it be that LDAP is allowed to be accessed by the internet?

I'm not sure, but I think you can get the e-mail addresses of users using an
LDAP query without being authenticated.

The spammer could have used LDAP to retreive all e-mail addresses it can
find and send spam to those addresses.

-----Original Message-----
From: exchange@xxxxxxxxxxx [mailto:exchange@xxxxxxxxxxx] 
Sent: Sunday, July 14, 2002 12:57 AM
To: [ExchangeList]
Subject: [exchangelist] RE: How'd they do that?

I have a question you say everyone got this message but did the message 
specifically send to their (your clients) email id or was it just a spam 
message? Check the header of the message and see who the recipients are.

At 10:50 AM 7/12/2002 -0700, you wrote:
>Thanks for the response, Frank.  I'm really new to Exchange.  Could you 
>go into more detail?
>-----Original Message-----
>Perhaps a mail-enabled security group (like perhaps Domain Users)??? 
>____________________ FRANK WAKELIN
>This message is intended for the sole use of the individual and entity to
>whom it is addressed, and may contain information that is privileged,
>confidential and exempt from disclosure under applicable law.  If you are
>not the intended addressee, nor authorized to receive for the intended
>addressee, you are hereby notified that you may not use, copy, disclose or
>distribute to anyone the message or any information contained in the
>message.  If you have received this message in error, please immediately
>advise the sender by reply email and delete the message.  Thank you very
>You are currently subscribed to this Discussion List as:
>To unsubscribe send a blank email to

You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to

Other related posts: