Thank you ppl - That puts my mind to rest - and thanks to the flood of fast responses!! Appreciated! =)
In case anyone else has missed it - here's a summary A spammer or virus will forge (and most likely has in our case) a domain to mask their own presence, so when the recipient replies (individually, or by an automatic setup), the message gets sent to the forged domain, in this case being our server. I.E. Somewhere along the line, someone out there has decided to use waterexchange.com.au in the 'From' field in the email headers (with a randomly generated 'user' eg. [EMAIL PROTECTED]) so when the recipient gets the email, it appears as though it came from our server. Also advised, is that anyone with a system set up to automatically reply to emails such as these (with viruses, or considered to be spam), should consider turning them off because it is most likely to be a mask and responses only add to the unnecessary traffic, and annoy the (usually) innocent users from the domain that has been forged... =P or something.. =) Thanks again for all your help! Any idea how we might try and find the real source AND/OR should we report the abuse to some authority of some sort? Cheers, Jared Pritchard
<<attachment: winmail.dat>>
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
