Hello,

 

I am starting to get an increasing amount of Delivery Failure emails from our backup mail server to multiple address across multiple domains.

 

It is clearly spam emails being sent from a valid xxx@domain.com to the same xxx@domain.com through our backup mail server.

 

The person then received the Delivery Failure email, essentially getting a stripped down spam email.

 

I'm unsure how I stop this. I'm guessing I just am missing something simple.

 

I'm also unsure how so many valid emails are being sent spam this way, almost like the server is somehow publicly showing addresses. I doubt that is the deal, I am assuming they are getting the addresses the way they always would but choosing to attack this way since the spam block is getting most all spam quite well.

 

Any insight would be helpful. I'll paste an example below so you can see what I'm talking about 100%. I have renamed our domain names but want to confirm the email is a valid address on our domain. The example below is actually an alias so it isn't even a valid sending account.

 

Received: from adsl.viettel.vn (adsl.viettel.vn [115.76.190.40]) by mail2.backupserver.net with SMTP;
   Sat, 18 Aug 2018 04:15:36 -0500
Message-ID: <26104B577E7D0C62540F133A39482610@84ND78XU>
From: <benchmark@validdomain.com>
To: <benchmark@validdomain.com>
Subject: Enjoy?
Date: 18 Aug 2018 21:55:40 +0600
MIME-Version: 1.0
Content-Type: text/plain;
charset="cp-850"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512