Dear All,
We are getting bulk spams and Microsoft Forefront application is unable to block those emails. All are those mails are like notice, court notice.
Forefront is just blocking its virus infectected attachments but passing spam to reach end users.
All the times its coming from different sender email id, different domains and IP address so its very difficult to block by these attributes.
Please find below message header sample
Received: from Edge1.abc.com (192.168.1.1) by
HT1.abc.com (192.168.12) with Microsoft SMTP Server (TLS)
id 14.2.318.1; Wed, 5 Feb 2014 02:46:35 +0530
Received: from kirkland.com (122.150.95.94) by Edge1.abc.com (192.168.1.1)
with Microsoft SMTP Server id 14.2.318.1; Wed, 5 Feb 2014
12:25:47 +0530
Message-ID: <002201cf223f47f4d62c0200a8c0@Ron-PC>
From: Notice to quit <notice_support.8@kirkland.com>
To: <user.abc.com>
Subject: SUSPECT: Notice to quit No3443
Date: Wed, 5 Feb 2014 16:55:40 +1100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_001F_01CF2293.199F4940"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: XimianEvolution1.4.6
X-MimeOLE: Produced By XimianEvolution1.4.6
Return-Path: notice_support.8@kirkland.com
Received-SPF: Neutral (EDGE01.abc.com: 122.150.95.94 is neither
permitted nor denied by domain of notice_support.8@kirkland.com)
X-MS-Exchange-Organization-AuthSource: HT1.abc.com
X-MS-Exchange-Organization-AuthAs: Anonymous
Need your help to resolve this issue.