I'm spamming??!?!

S

Stormwalker

Limp Gawd
Joined
Nov 8, 2004
Messages
172
Hello, this is my first post in this forum (I've been lurking for quite some time). However, I have run into a problem that has driven me to post once and for all. When I opened my e-mail this morning at work I received this message:
- These recipients of your message have been processed by the mail server: [email protected]; Failed; 5.1.1 (bad destination mailbox address)

Remote MTA 66.28.189.160: SMTP diagnostic: 551 <[email protected]> is a deactivated mailbox


Hmm. That is strange. Don't remember sending dianavinzon or whatever any emails. Ah, looks like there is two attachments (text). After a quick update to pc cillin, I decide to open the attachments. #1 said this:
Reporting-MTA: dns; C9mailgw06.amadis.com
Received-from-MTA: dns; ctmail.com (10.9.0.1)
Arrival-Date: Mon, 8 Nov 2004 03:13:36 -0800

Final-Recipient: rfc822; [email protected]
Action: Failed
Status: 5.1.1 (bad destination mailbox address)
Remote-MTA: dns; 66.28.189.160
Diagnostic-Code: smtp; 551 <[email protected]> is a deactivated mailbox

Attachment #2:
Return-Path: <******@qwest.net>
Received: from ctmail.com (10.9.0.1) by C9mailgw06.amadis.com (NPlex 6.5.029)
id 4166F47A04FDBCC4 for [email protected]; Mon, 8 Nov 2004 03:13:36 -0800
X-Commtouch-Loop:3
Received: FROM [202.164.35.10] By c9diamond05.diamond.amadis.com ; Mon, 08 Nov 2004 03:13:07 -0800
Date: Mon, 08 Nov 2004 22:22:45 +0000
From: ******@qwest.net
Subject: cheap pharmacy prices...prescriptions available
To: Dianavinzon <[email protected]>
References: <[email protected]>
In-Reply-To: <[email protected]>
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/html; charset=koi8-r
Content-Transfer-Encoding: 8bit

"cheap pharmacy prices" and it is being sent from my address. So instead of ignoring the problem and simply allowing my e-mail and computer to act as a zombie box for spammers, I was wondering if anyone here was familiar with this problem, and if there is anything I should do. Thanks.
 
yeah scan your computer with spybot and adware .. goto www.trendmicro.com and scan your computer from the web there .. and check your outbox on your computer and see if there is alot of e-mail also get a program like zonealarm and block your e-mail and see if it keeps trying to connect to the internet that will tell you if you are sending out mass e-mails

and update your version of windows
 
I have run a virus scan with the most recent definitions, and also I have run spybot with latest updates. Both say the computer is clean. My outbox on outlook only lists the e-mails that I myself have sent (does not list anything suspicious). The computer itself is a very recent build, so it would surprise me if it has had time to accumulate crap. As far as purchasing a program such as zonealarm, I would have to get that approved, since I cannot spend company money without approval, and I think I maxed out my budget with the computer order for the 2 new employees this month already. This problem does not hamper my ability to work or anything, but it annoys me that it is a possibility someone is using my address to spam. Could someone just be spoofing my address, without running a program on my computer?
 
No, no, no...

Chances are that you're clean and your address has just been spoofed into the 'reply to' field of the emails. So when the bounce comes that the recipient's email address is bad...you get it and not the actual spammers. Mighty nice of them isn't it? :rolleyes:
 
That is kind of what I figured. I don't suppose there is a way to track them down James Bond style, and crash through their roof sliding down ropes with a tec9 strapped to my back while they all run from their poker table screaming for guards and jumping into Jeeps to get away through the warehouse district while helicopters overhead shoot missles making huge explosions everyone has to run through while martial arts style hand to hand action is taking place above a boiling cauldron of acid, now is there hmmm? Didn't think so.
 
Wolf-R1 said:
No, no, no...

Chances are that you're clean and your address has just been spoofed into the 'reply to' field of the emails. So when the bounce comes that the recipient's email address is bad...you get it and not the actual spammers. Mighty nice of them isn't it? :rolleyes:
Click to expand...
Correct. Occasional bounce-backs like this happen -- I've gotten them in webmail addresses when there's no possible way my own computers are responsible.

If you start seeing hundreds daily, though, that's when you should suspect you've become a spam zombie.
 
if you don't run a mail server you should be able to close port 25 outbound on your firewall without a problem. if you use outlook or some other email client to retrieve mail it should not be using port 25 so that should not be affected.
 
Stormwalker, welcome to the [H]. :)

As an admin here, I can see the IP addy you're posting from and it is nowhere in the headers you posted. I think it's safe to say your computer is innocent.

But, as mentioned, spammers like to spoof return addys so they don't get the bounced emails. You can bet that when they buy a spam list ("99 million FRESH! email addresses for only $99!") they know a lot of them are going to bounce.

Can you imagine my horror at getting bounced email for kiddie porn that had my ISP addy listed as the sender? Yeah, it happened. I've since changed ISPs and am uber protective of my ISP addy, using a yahoo account for the bulk of my correspondence.

The worst case scenario is that someone would report you to your ISP, which could then easily tell from the header info that you were not the actual sender.
 
Thanks for all the responses, I feel a little bit better that it is nothing on my machine. I guess if someone is going to spoof my address, then there is nothing much I can do about it. I have not recieved any more like that all day, so I can cross my fingers and hope that a spammer just used my address for a single run of e-mails or something. Thanks again!
 
You must log in or register to reply here.
Back
Top