Our company has almost 1000 premium axigen accounts (axigen version 10.3.1.10).
Whenever someone sends an e-mail from and to certain (about 20-30) mailboxes another recipient is attached to that mail. IN our case its always email@example.com! example below:
This also happens whenever someone outside our domain sends a mail to those 20-30 mailboxes. pic below: http://prntscr.com/uw245h
I made a rule in Acceptance&Routing to discard recipient whenever servermailer001@gmail is present but i still see it in queue…
Is there a way to block that mail adress completely without seeing it in queue?
Any help is appreciated.
Hi and thanks for the reply.
Here is this morning queue: http://prntscr.com/uy7jzi
and here is part of the logs for that mail: log 13-10-2020 axi.txt (4.0 KB)
There is no servermailer001@gmail in any logs on axigen whatsoever…
Any other rule i can make in axigen to remove servermailer or something else i can do to prevent this.
Wow you are right there is something happening in processing.
Heres the log: processing 13-10-2020 axi.txt (16.1 KB)
Servermailer@gmail is appearing here.
What seems to be the issue?
Thanks for the help
That’s IT! you are right there was a custom rule in user filter for that account…
Thank you so much for the help.
Must’ve been somekind of malware or worm that got access to that account and added that rule…
Thank you again