So we have a pretty decent spam filter. The problem now seems to be that someone out there is impersonating one of our e-mail addresses, and is sending out spam claiming to be us. Our mail server then floods one of our executives (firstname.lastname@example.org)
with a ton of bounce-back message.
I don't know how they're doing this, all our SPF records are up and I'm passing all the tests at mxtoolbox.com. Any ideas where I can go to troubleshoot? I'm including one of the bounce-backs... domain.com is an alias for our own domain.
Delivery has failed to these recipients or groups:
The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.
The following organization rejected your message: mxs.mail.ru (18.104.22.168).
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.