I'm ashamed to say that for the first time ever, spam has been generated from my network. All of our outbound mail is routed through Google / Postini, and they cut us off last night after detecting it. I'm mortified.
What I'm needing help with is tracking down the source. I can see who the message claims to be from, and Postini tech support thinks her account really is the source (I assumed the "From:" address had been forged). But even if her account really is the source, I need to know what machine generated the traffic so that I can see what's running on it. To be honest, I'm not sure how to do that. My weakness with Exchange is showing. I thought maybe the message tracking tool, which I've used to find some of the messages, but I can't see the originating IP address in there. Some of the entries say "2002:96b0:25ac::96b0:25ac" for the ClientIP. I don't know what that is. Any pointers? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure.
