
I periodically get a flurry of "Mail Delivery System" errors. I just sat down and checked my email after checking it only about 3 hours ago and had over 60 emails with some variation of the Returned mail / failure notice / Undeliverable mail / etc. This has occurred to me several times in the past. It seems I'll get a series of these, then nothing for a few months.

When I look at the emails it appears that emails were sent using my email address. In other words it appears that my email was "hijacked". The returned "Mail Delivery System" emails appear to be from all over the world.

I sent a HijackThis log to the malware forum the last time this happened, a few months ago, and had a "clean" machine. They recommended I contact the PC forum.

Any idea why I would get these? I have saved the emails this round. Would any information from them be helpful in figuring this out?

Thanks,

Andy

Link to post
Share on other sites

I looked at your old HJT log and didn't like a couple of items. The main one was that Norton and AVG were both on the PC. They can conflict, causing false reports. I would like to see a new HJT log posted in the malware section for a senior HJT expert to look it over.

Link to post
Share on other sites

Spammers harvest email addresses from all over.

Generally they start by buying a mailing list from some site where you registered, or they use harvesters which crawl the web like Google's bots, searching for email addresses.

Once they have email addresses they generally test and confirm them by sending out some spam with hidden invisible gif files with unique identifier numbers (web bugs). When you open the spam email, even if you do not see any images, a call has been placed to a server asking for that gif. By cross-referencing the logs at the server they can tell which email addresses opened the spam.

Now they have a list of valid email addresses they can sell to other spammers and use themselves.

Most spammers do not use their own machines or their own servers. Instead they use botnets, vast arrays of computers which have been infected with malware which when the computer is connected to the internet will open various ports (generally IRC ports) and listen for and relay data. This includes a basic spam message and list of email addresses.

They then pluck one email address from the list and put it in the from line, and pluck another and put it in the to line and spoof the header and then spew out spam at a rate of about thirty a second.

Bouncing spam was an old idea, back in the days when spammers actually sent spam from their own machines (before Congress passed the CAN-SPAM Act making that illegal). People bounced spam back, and even some ISPs did this with the "undeliverable" mail line, hoping that the address would be removed from the list. But since spammers no longer work this way, bouncing spam back as undeliverable is pointless. So ISPs no longer do this, but a lot of idiots still do. They have old spam blocker software which is outdated, and they "bounce" the spam back with a spoofed header pretending to be from their ISP. But what they do not realize is it does not get bounced back to the spammer or even the bot which sent it; it gets bounced back to the poor soul whose email address was harvested. So he suddenly gets floods of "undeliverable mail" notifications (which actually represent only a tiny fraction of the spam being sent in his name).

Also, many spammers use this as a technique to get you to open the spam. They spoof a bounced mail undeliverable mail header so you see this mail you apparently sent being bounced back and open it to see what it was (and in the act confirming your address as valid).

There are options. You can close the account and use a different email address, being more careful.

You can put message filters to mark these as spam / junk and automatically delete them or move them to a folder you specify.

You can just ignore them and delete them.

You can use spam filtering and as noted above train it that these are spam and should be trashed.

Link to post
Share on other sites
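On the question of what the saved bounces can show, here is an added example (not part of any post in this thread): most bounces carry a copy of the original message or its headers, and the topmost `Received` line in that copy records the IP the rejecting server actually saw. The script compares that IP with your provider's outbound servers; `MY_OUTBOUND_IPS`, the addresses and the host names are constructed placeholders.

```python
import email
import re
from email import policy

MY_OUTBOUND_IPS = {"192.0.2.10"}  # assumption: your provider's outbound SMTP IPs

# Constructed sample bounce; {ip} is the client the rejecting server saw.
SAMPLE = """\
From: MAILER-DAEMON@mx.rcpt.example
To: andy@example.com
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; nobody@rcpt.example
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from mail.example.com (unknown [{ip}]) by mx.rcpt.example; Mon, 1 Jan 2007 00:00:00 +0000
From: andy@example.com
To: nobody@rcpt.example

body
--b1--
"""

def original_headers(bounce):
    """Return the original message (or its headers) carried in a bounce."""
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_content()
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def triage_bounce(raw):
    """Return (verdict, client_ip) for one raw bounce message."""
    orig = original_headers(email.message_from_string(raw, policy=policy.default))
    received = orig.get_all("Received", []) if orig is not None else []
    # Topmost Received line: written by the server that accepted the mail. Its
    # bracketed IP is what it saw; the HELO name before it is sender-chosen.
    m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(received[0])) if received else None
    if m is None:
        return ("unknown", None)
    return ("genuine" if m.group(1) in MY_OUTBOUND_IPS else "backscatter", m.group(1))
```

A `backscatter` verdict means the message entered the recipient's server from somewhere other than your provider, which is what a forged From line looks like; `genuine` would mean the mail really left through your own account.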

Yes, I agree with Pete.

Prior to installing Vista I used Thunderbird, which has to be trained for email spam, but the Vista mail hasn't allowed spam mail into my sys.

The other plus which I've used is to complicate my email address, with advice from my ISP, that is, to jumble up the letters and numbers.

The other thing I learned is not to publish your email address on the web. If you do, you're a target.

If you read a post on this site about how some of the worst spammers came from New Zealand, well, I wasn't touched but my friends were badly affected.

Those bastards are now in jail, as here it is an offence to spam emails.

good luck

marty

Link to post
Share on other sites
