We seem to be getting a lot of spam messages in the form of fake NDRs, most of Which involve our internal [log in to unmask] addresses. The interesting thing is that our exchange server has always been configured such that outgoing message headers show as being from [log in to unmask] The internal departmental address info shouldn't be getting exposed at all as far as I can tell; but yet, NDRs directed to [log in to unmask] addresses keep coming. What might I be missing here? Thanks, Al Puzzuoli Information Technologist Resource Center for Persons with Disabilities 517-884-1915 120 Bessey Hall East Lansing, MI 48824-1033 http://www.rcpd.msu.edu