Hi John, For example: A PC within our network gets infected with mass mailer virus. This PC starts sending mails to all the users in the address book. So if i can find out the IP address of that PC then i can easly track it down and pull off the network. I used to do this in my privious company. We had sendmail running on HPUX and we could easly figure out the sender host IP. I can still trace incomming mails from outside world as i have sendmail sitting in the gateway. But i want to know how do i do this with Exchange 2003. Regards Praveen R "John Tolmachoff (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx> wrote: http://www.MSExchange.org/ What is the purpose of knowing where the virus infected e-mail came from? In this day and age, most viruses now are using virus infected zombies to send their filth. Chances are if you received 50 different virus infected e-mails, they will come from 45 different IP addresses. Now, if you are talking about your outgoing messages, that is the wrong way to find them, or I should say the least efficient way. John T eServices For You -----Original Message----- From: Praveen Ramaswamy [mailto:ramaswamy_praveen@xxxxxxxxx] Sent: Tuesday, July 05, 2005 7:11 AM To: [ExchangeList] Subject: [exchangelist] Tracking mails http://www.MSExchange.org/ Hi, I want to track incoming and outgoing mails on my exchange 2003 server. Basically i want to know from which IP address the mail has arrived on exchange server. In case of a virus mail , anti virus quarantines the message which is fine, but i would like to know the host which is generating the mails. Basically i can check for message header in outlook options but can i find this info on the server it self. Message tracker doesn't give details about the host it has reviced the mail from. Regards Praveen R --------------------------------- Discover Yahoo! Stay in touch with email, IM, photo sharing & more. Check it out! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: ramaswamy_praveen@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx --------------------------------- Yahoo! Mail Stay connected, organized, and protected. Take the tour