Email trace

W

Wulagi

We run ISA as a proxy server for our institution. Our ISP provides a static
IP address. We only use Exchange for internal email. Our system is a Windows
server 2003 and all users have to use an account to get onto the system and
access the internet. We use DHCP with assigned IP addresses on each computer.
External email is only available through third party external email such as
Yahoo. We have a problem of a user sending threatening and abusive email via
a Yahoo account to an external address. We can't identify the Yahoo address.
Wh have traced the emails back to the static IP address that is our internet
port and thus know that it is coming from our network (we have 60 computers
on the network and up to 300 users). Is there any way for us to identify what
machine (an account if possible) the emails are originating from?
 
J

James Matthews

The person can also bounch it around so there is really no way...

--

http://search.goldwatches.com/
http://www.jewelerslounge.com/
"Wulagi" <Wulagi@discussions.microsoft.com> wrote in message
news:E5A4CD5A-FD8F-4F9B-8E56-368968FD96F6@microsoft.com...
> We run ISA as a proxy server for our institution. Our ISP provides a
> static
> IP address. We only use Exchange for internal email. Our system is a
> Windows
> server 2003 and all users have to use an account to get onto the system
> and
> access the internet. We use DHCP with assigned IP addresses on each
> computer.
> External email is only available through third party external email such
> as
> Yahoo. We have a problem of a user sending threatening and abusive email
> via
> a Yahoo account to an external address. We can't identify the Yahoo
> address.
> Wh have traced the emails back to the static IP address that is our
> internet
> port and thus know that it is coming from our network (we have 60
> computers
> on the network and up to 300 users). Is there any way for us to identify
> what
> machine (an account if possible) the emails are originating from?
 
F

fpjr843

I would offer that you could use a network sniffer that records all packets
and can reconstruct user activity. Set it to filter on words like Yahoo.
Set it up to capture all your Internet traffic.

I don't know much about proxy servers but maybe the ISA can already do
something like that.

"Wulagi" wrote:

> We run ISA as a proxy server for our institution. Our ISP provides a static
> IP address. We only use Exchange for internal email. Our system is a Windows
> server 2003 and all users have to use an account to get onto the system and
> access the internet. We use DHCP with assigned IP addresses on each computer.
> External email is only available through third party external email such as
> Yahoo. We have a problem of a user sending threatening and abusive email via
> a Yahoo account to an external address. We can't identify the Yahoo address.
> Wh have traced the emails back to the static IP address that is our internet
> port and thus know that it is coming from our network (we have 60 computers
> on the network and up to 300 users). Is there any way for us to identify what
> machine (an account if possible) the emails are originating from?
 
You must log in or register to reply here.

Similar threads

J
Windows Server 2019 Inaccessible after subnet mask growth
Replies
0
Views
48
Jared Holston
J
A
No network after the switch reboots
Replies
0
Views
18
AmpliWiFi
A
M
Changed Exchange 2019 DNS MX Records for Spam Filter Service and Exchange Active Sync Now Fails
Replies
0
Views
21
Michael1000
M
J
How can we unblock my son’s account using email for code?
Replies
0
Views
29
Jason Nadon-Rzasa
J
J
We got an email stating that i purchased Microsoft business premium at 792.00 which we didn't order. is 1-862-239-7385 a legit phone number for Micros
Replies
0
Views
21
Joseph Ahearn1
J
Back
Top Bottom