We are getting spammed by messages where the "Sender" field matches a legitimate user on our domain. I can tell when the sender is being spoofed by looking at the routing information in the message source, is there an anti spam program that can do the same? My only other option would be to create new user accounts. All my users have Outlook 03 or 07. Every user has a custom mail folder named "Dead_Letter". My anti-spam rules are as follows *If the From fields contains user's email address and subject does not include "test", send message to Dead_Letter *If Sender field contains [i]MyOrganizationDomain[/i] stop processing more rules (I could tighten this by maintaining a central list of all legitimate local addresses ,i.e., bob@[i]MyOrganizationDomain[/i] will pass through even if we don't have a Bob, but it hasn't happened often enough to make it worth the effort) *If Sender is in "Contacts", stop processing rules *Everything left,sen to "Dead_Letter" I always figured these rules would accomplish everything a third party spam filter could do. Is there anything that will analyze the message beyond the sender controlled fields? It looks like someone's Contact's folder got uploaded by a bot (could be a home computer where I have no control). The mail server is offsite and hosted my a provider that does not do filtering. Thanks

You don't say if you have Exchange or are POP'ing...or how large your company is... But take a look at Postini...if you are POP'ing, Google has some email services that may help... Google owns Postini... They also offer a system that utilizes Postini for Exchange users... My company, about 1400 users, utilizes Postini...yes some things get thru, not very many...but it blocks a truckfull of crap