aghoffmann
Posted October 22, 2008

I periodically get a flurry of "Mail Delivery System" errors. I just sat down and checked my email after checking it only about 3 hours ago and had over 60 emails with some variation of the Returned mail / failure notice / Undeliverable mail / etc. This has occurred to me several times in the past. It seems I'll get a series of these, then nothing for a few months.

When I look at the emails it appears that emails were sent using my email address. In other words it appears that my email was "hijacked". The returned "Mail Delivery System" emails appear to be from all over the world.

I sent a hijackthis log to the malware forum the last time this happened a few months ago and had a "clean" machine. They recommended I contact the PC forum.

Any idea why I would get these? I have saved the emails this round. Would any information from them be helpful in figuring this out?

Thanks,
Andy

TheTerrorist_75
Posted October 22, 2008

I looked at your old HJT log and didn't like a couple of items. The main one was that Norton and AVG were both on the PC. They can conflict causing false reports. I would like to see a new HJT log posted in the malware section for a senior HJT expert to look it over.

Pete_C
Posted October 22, 2008

Spammers harvest email addresses from all over. Generally they start by buying a mailing list from some site where you registered, or they use harvesters which crawl the web like Google's bots searching for email addresses.

Once they have email addresses they generally test and confirm them by sending out some spam with hidden invisible gif files with unique identifier numbers (web bugs). When you open the spam email, even if you do not see any images, a call has been placed to a server asking for that gif. By cross referencing the logs at the server they can tell which email addresses opened the spam. Now they have a list of valid email addresses they can sell to other spammers and use themselves.

Most spammers do not use their own machines or their own servers. Instead they use botnets, vast arrays of computers which have been infected with malware which when the computer is connected to the internet will open various ports (generally IRC ports) and listen for and relay data. This includes a basic spam message and list of email addresses.

They then pluck one email address from the list and put it in the from line, and pluck another and put it in the to line and spoof the header and then spew out spam at a rate of about thirty a second.

Bouncing spam was an old idea, back in the days when spammers actually sent spam from their own machines (before Congress passed the CAN-SPAM Act making that illegal). People bounced spam back and even some ISPs did this with the "undeliverable" mail line hoping that the address would be removed from the list. But since spammers no longer work this way, bouncing spam back as undeliverable is pointless. So ISPs no longer do this; but a lot of idiots still do. They have old spam blocker software which is outdated and they "bounce" the spam back with a spoofed header pretending to be from their ISP.

But what they do not realize is it does not get bounced back to the spammer or even the bot which sent it, it gets bounced back to the poor soul whose email address was harvested. So he suddenly gets floods of "undeliverable mail" notifications (which actually represent only a tiny fraction of the spam being sent in his name).

Also, many spammers use this as a technique to get you to open the spam. They spoof a bounced mail undeliverable mail header so you see this mail you apparently sent being bounced back and open it to see what it was (and in the act confirming your address as valid).

There are options:
You can close the account and use a different email address, being more careful.
You can put message filters to mark these as spam / junk and automatically delete them or move them to a folder you specify.
You can just ignore them and delete them.
You can use spam filtering and as noted above train it that these are spam and should be trashed.
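
Added example (not part of any post in this thread): a saved bounce usually carries the original message's headers, and the Received line written by the bouncing server shows which machine actually handed the message over, which is how the spoofing Pete_C describes can be confirmed from the saved emails. The sample bounce, its hosts and addresses, and the 198.51.100.0/24 "own network" are constructed assumptions.

```python
import email, ipaddress, re
from email import policy

# Constructed sample bounce in RFC 3464 layout; every host and address is made up.
MY_NETWORKS = ["198.51.100.0/24"]  # assumption: where your own mail really leaves from
SAMPLE_BOUNCE = """\
From: Mail Delivery System <MAILER-DAEMON@mx.example.net>
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; nobody@example.net
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from unknown (HELO pc-17) (203.0.113.45)
    by mx.example.net with SMTP; Wed, 22 Oct 2008 10:02:11 +0000
From: andy@example.org
Subject: cheap watches

body
--b1--
"""

def bounce_origin(raw):
    """Return (reporting MTA, IP that handed the bounced message to that MTA)."""
    msg = email.message_from_string(raw, policy=policy.default)
    mta = ip = None
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/delivery-status":
            mta = str(part.get_payload()[0]["Reporting-MTA"])
        elif ctype == "message/rfc822":
            # Topmost Received line is the bouncing server's own; lower ones can be forged.
            received = part.get_payload()[0].get_all("Received", [])
            m = re.search(r"\d{1,3}(?:\.\d{1,3}){3}", received[0]) if received else None
            ip = m.group(0) if m else None
    return mta, ip

def sent_from_elsewhere(ip, my_networks=MY_NETWORKS):
    """True if ip is outside every network you really send mail from."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in ipaddress.ip_network(n) for n in my_networks)
```

A bounce whose submitting IP is outside your own networks was not sent from your machine or your provider; only the From line carried your address.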

martymas
Posted October 22, 2008

Yes, I agree with Pete.
Prior to installing Vista I used Thunderbird, which has to be trained for email spam, but the Vista mail hasn't allowed spam mail into my sys.
The other plus which I've used, with advice from my ISP, is to complicate my email address: jumble up the letters and numbers.
The other thing I learned is not to publish your email address on the web; if you do, you're a target.
If you read a post on this site about some of the worst spammers, they came from New Zealand.
Well, I wasn't touched, but my friends were badly affected.
Those bastards are now in jail, as here it is an offence to spam emails.
Good luck,
marty