You will want to check the headers for routing information. It will indicate which SMTP server or servers the message passed through to get to you. Most likely, what you'll find is that these messages are coming through an open relay server on the internet. So you may not know who originated the message, just who left the mail server open to relay messages. ----- Original Message ----- From: Nathan Simpson To: [ISAserver.org Discussion List] Sent: Tuesday, August 26, 2003 9:41 PM Subject: [isalist] Very OT. How can I find out where an email really came from? http://www.ISAserver.org Hi, We seem to be getting a lot of junk email as of yesterday and it is annoying the users. Trouble is, I don't think the email address that the mail says it comes from is not really the address it is coming from. How can I find out where a mail may have really been send from? I know there is spam blocking software etc. that can be purchased but these emails actually have only one line of text and this could be in a legitimate email. We aren't using the ISA SMTP screener. We would block from our Domino Server. Thanks Regards, Nathan Simpson Australian Wool Handlers Forest Rd Lara VIC 3212 Ph. (03) 5272 9227 Fax (03) 5274 2084 This message and any attachments are confidential and may be subject to legal or other professional privilege. Any confidential or privilege is not waived or lost because this e-mail has been sent to you by mistake. If you have received this transmission in error, please notify us by reply e-mail, or phone +613 5272 9227 and delete our e-mail. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: papexpjboi@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')