Spammers are using my email address!

Log Out | Lost Password? | Topics | Search Contact | Register | My Profile | SO home | MOL home

Thread Originator Last Poster Posts Pages Last Post   Closed: New threads not accepted on this page

Author Message   jamie Moderator Username: Jamie Post Number: 380 Registered: 6-2001 Posted on Monday, November 3, 2003 - 12:10 pm:        I have no idea what to do, I'm getting over 100 returned emails a day from a spammer who's using one of my domains as the return-to & reply-to address. The frustrating part is that I can't even see the body of the message - only the subject. Here's a sample of what gets returned, if anyone has any thoughts please let me know. I wish I could sue whoever is doing this. As a result my domain is being associated with spam and as a result is probably getting banned from certain mail servers. (My domain is worldwebs.com - I get all emails associated with this - which I can turn off, but would still like the abuse of it stopped): The original message was received at Mon, 3 Nov 2003 11:38:27 -0500 (EST) from rly-xi03.mail.aol.com [172.20.116.8] *** ATTENTION *** Your e-mail is being returned to you because there was a problem with its delivery. The address which was undeliverable is listed in the section labeled: "----- The following addresses had permanent fatal errors -----". The reason your mail is being returned to you is listed in the section labeled: "----- Transcript of Session Follows -----". The line beginning with "<<<" describes the specific reason your e-mail could not be delivered. The next line contains a second error message which is a general translation for other e-mail servers. Please direct further questions regarding this message to your e-mail administrator. --AOL Postmaster ----- The following addresses had permanent fatal errors ----- <estes267@aol.com> ----- Transcript of session follows ----- ... while talking to airmail-01.mail.aol.com.: >>> RCPT To:<estes267@aol.com> <<< 550 MAILBOX NOT FOUND 550 <estes267@aol.com>... User unknown Reporting-MTA: dns; str-d08.mail.aol.com Arrival-Date: Mon, 3 Nov 2003 11:38:27 -0500 (EST) Final-Recipient: RFC822; estes267@aol.com Action: failed Status: 5.1.1 Remote-MTA: DNS; airmail-01.mail.aol.com Diagnostic-Code: SMTP; 550 MAILBOX NOT FOUND Last-Attempt-Date: Mon, 3 Nov 2003 11:49:17 -0500 (EST) Received: from rly-xi03.mx.aol.com (rly-xi03.mail.aol.com [172.20.116.8]) by str-d08.mail.aol.com (v92.16) with ESMTP id RELAYIN2-33fa6848236f; Mon, 03 Nov 2003 11:38:27 -0500 Received: from 82-35-16-185.cable.ubr03.hari.blueyonder.co.uk (82-35-16-185.cable.ubr03.hari.blueyonder.co.uk [82.35.16.185]) by rly-xi03.mx.aol.com (v97.7) with ESMTP id MAILRELAYINXI310-4d83fa6846727; Mon, 03 Nov 2003 11:38:01 -0500 Received: from [63.43.194.14] by 82-35-16-185.cable.ubr03.hari.blueyonder.co.uk SMTP id I4YPlyLrCtR96R; Tue, 04 Nov 2003 09:36:46 +0400 Message-ID: <1ml37-x852ire$x64-14v15-0-a@dfadd.r96i1> From: "Marc Ryan" <q214imays@worldwebs.com> Reply-To: "Marc Ryan" <q214imays@worldwebs.com> To: eee115@aol.com Cc: <dwiggin330@aol.com>, <estes267@aol.com> Subject: Brand name medications at 70% off 82392576601 shiamxukpqgv pqk Date: Tue, 04 Nov 03 09:36:46 GMT X-Mailer: AOL 7.0 for Windows US sub 118 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="C.F10968.3A4._8A17.411" X-Priority: 3 X-MSMail-Priority: Normal X-AOL-IP: 82.35.16.185 X-AOL-SCOLL-SCORE: 0:XXX:XX X-AOL-SCOLL-URL_COUNT: 0   Dave Ross Supporter Username: Dave Post Number: 5559 Registered: 4-1998 Posted on Monday, November 3, 2003 - 12:16 pm:        Turn off any "catch-all" account for the domain so the messages bounce.   Tom Reingold the prissy-pants Citizen Username: Noglider Post Number: 912 Registered: 1-2003 Posted on Monday, November 3, 2003 - 12:54 pm:        This can be a ricocheting virus. It takes a while for this to die down. Tom Reingold There is nothing   jgberkeley Supporter Username: Jgberkeley Post Number: 3272 Registered: 5-2001 Posted on Monday, November 3, 2003 - 1:09 pm:        I'd send a PrivateLine to Jamie and ask him what to do. He is into all that and does a Super Job! Enjoy,   Tom Reingold the prissy-pants Citizen Username: Noglider Post Number: 913 Registered: 1-2003 Posted on Monday, November 3, 2003 - 1:39 pm:        This is the advice you'd give to Jamie? That he should ask himself what to do? Jamie is the one with the problem! Tom Reingold There is nothing   jamie Moderator Username: Jamie Post Number: 382 Registered: 6-2001 Posted on Monday, November 3, 2003 - 1:47 pm:        Thanks for the advice George - I contacted myself and things are fine now. I made it so that I don't get all of the emails. Still I hate having my domain name associated with any spam mail. I wish you could sue for this type of garbage.   peteglider Citizen Username: Peteglider Post Number: 322 Registered: 8-2002 Posted on Monday, November 3, 2003 - 2:00 pm:        I had this same problem with the SoBIG virus -- and it has not stopped. For a few weeks nothing -- then I suspect someone opens an infected email, their addressbook is "stolen" -- and the cycle begins again -- and I'll get 20 - 30 of those in a morning. what a pain! Pete   jgberkeley Supporter Username: Jgberkeley Post Number: 3273 Registered: 5-2001 Posted on Monday, November 3, 2003 - 9:27 pm:        Tom, I was giving Jamie stuff for his stand-up act!   lseltzer Citizen Username: Lseltzer Post Number: 1867 Registered: 5-2001 Posted on Monday, November 3, 2003 - 9:56 pm:        Your servers need not be involved for your address to be used for sending spam. It's trivial to send mail from whatever address you wish. As prissy-pants says, this is also a major problem with many worm/viruses. The answer is that there's nothing you can do to stop it. Even though they had nothing to do with creating the problem I think we should blame Microsoft for it.   Dave Ross Supporter Username: Dave Post Number: 5585 Registered: 4-1998 Posted on Monday, November 3, 2003 - 10:18 pm:        probably microsoft.ru   Nohero Citizen Username: Nohero Post Number: 2366 Registered: 10-1999 Posted on Monday, November 3, 2003 - 11:13 pm:        Why do the Ross brothers need to converse here online? (And who did Mom like best?)   shestheone Citizen Username: Shestheone Post Number: 42 Registered: 5-2003 Posted on Tuesday, November 4, 2003 - 12:18 am:        isn't it whom?   Curt Wayne Citizen Username: Cswayne Post Number: 69 Registered: 10-2002 Posted on Tuesday, November 4, 2003 - 8:34 pm:        YEA! It's MicroSoft! Security leaks in Outlook, I'll bet! Have you ever heard of www.knowspam.net? Check'em out. Curt