Email trace

W

Wulagi

We run ISA as a proxy server for our institution. Our ISP provides a static
IP address. We only use Exchange for internal email. Our system is a Windows
server 2003 and all users have to use an account to get onto the system and
access the internet. We use DHCP with assigned IP addresses on each computer.
External email is only available through third party external email such as
Yahoo. We have a problem of a user sending threatening and abusive email via
a Yahoo account to an external address. We can't identify the Yahoo address.
Wh have traced the emails back to the static IP address that is our internet
port and thus know that it is coming from our network (we have 60 computers
on the network and up to 300 users). Is there any way for us to identify what
machine (an account if possible) the emails are originating from?
 
J

James Matthews

The person can also bounch it around so there is really no way...

--

http://search.goldwatches.com/
http://www.jewelerslounge.com/
"Wulagi" <Wulagi@discussions.microsoft.com> wrote in message
news:E5A4CD5A-FD8F-4F9B-8E56-368968FD96F6@microsoft.com...
> We run ISA as a proxy server for our institution. Our ISP provides a
> static
> IP address. We only use Exchange for internal email. Our system is a
> Windows
> server 2003 and all users have to use an account to get onto the system
> and
> access the internet. We use DHCP with assigned IP addresses on each
> computer.
> External email is only available through third party external email such
> as
> Yahoo. We have a problem of a user sending threatening and abusive email
> via
> a Yahoo account to an external address. We can't identify the Yahoo
> address.
> Wh have traced the emails back to the static IP address that is our
> internet
> port and thus know that it is coming from our network (we have 60
> computers
> on the network and up to 300 users). Is there any way for us to identify
> what
> machine (an account if possible) the emails are originating from?
 
F

fpjr843

I would offer that you could use a network sniffer that records all packets
and can reconstruct user activity. Set it to filter on words like Yahoo.
Set it up to capture all your Internet traffic.

I don't know much about proxy servers but maybe the ISA can already do
something like that.

"Wulagi" wrote:

> We run ISA as a proxy server for our institution. Our ISP provides a static
> IP address. We only use Exchange for internal email. Our system is a Windows
> server 2003 and all users have to use an account to get onto the system and
> access the internet. We use DHCP with assigned IP addresses on each computer.
> External email is only available through third party external email such as
> Yahoo. We have a problem of a user sending threatening and abusive email via
> a Yahoo account to an external address. We can't identify the Yahoo address.
> Wh have traced the emails back to the static IP address that is our internet
> port and thus know that it is coming from our network (we have 60 computers
> on the network and up to 300 users). Is there any way for us to identify what
> machine (an account if possible) the emails are originating from?
 
You must log in or register to reply here.

Similar threads

S
Can two different users see/respond to emails sent to same alias email address?
Replies
0
Views
23
Stacie Mag
S
O
Someone successfully created Microsoft account with our corporate email
Replies
0
Views
24
OrangeBB
O
D
Locked out of two Yahoo email accounts.
Replies
0
Views
25
DavidKirk727
D
H
DNS Update
Replies
0
Views
19
Harry Ramanujam
H
S
Public IP Not Captured in IIS Logs – Seeing Private IP of Network Gateway Instead
Replies
0
Views
18
Saurabh Sutone
S
Back
Top Bottom