Results 1 to 11 of 11
  1. #1
    ABW Ambassador Daniel M. Clark's Avatar
    Join Date
    January 7th, 2006
    Location
    Houston, TX
    Posts
    2,082
    I've been 'jacked!
    Since 2:30pm today, about one hour ago local time, I've recieved 798 email messages all with a variation on the theme of "spam email not delivered, apparently from you". It looks like someone has been using one of my email addresses to spam other people and when the recipient's spam filters kick it back, it comes to me. Now, I've always had one or two of these come in a day to various email accounts, so I just figured someone was using bounced email text to fool people into clicking links. I've just been deleting them. But in the last hour, there's been 798 of the damn things.

    Any thoughts? Should I just notify the people that have it and then kill off the address? Could these things actually be bounced email messages?
    Daniel M. Clark
    Tech Manager
    Greg Hoffman Consulting

  2. #2
    ABW Ambassador Daniel M. Clark's Avatar
    Join Date
    January 7th, 2006
    Location
    Houston, TX
    Posts
    2,082
    In the time it took me to write that, the count went up to 950. This is getting silly.

    Oh, and the reason I'm thinking this might be legit is that I'm getting messages from Google Groups saying I don't have permission to post to certain groups... it does look like someone is spoofing my address.
    Daniel M. Clark
    Tech Manager
    Greg Hoffman Consulting

  3. #3
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    I don't have an answer for you......just sympathy.

    I experienced the same thing a few months ago. It finally stopped.
    I did not make any changes except remove e-mail addresses from my all sites, even though only one site was affected, and replace with a contact form where needed. Do not know for sure if this was the solution or if someone found out that my email address was not profitable.
    You must climb this mountain. There is no elevator. ---- Don't stick your finger in the liquid nitrogen.
    Carolina China

  4. #4
    Affiliate Manager Afilyit's Avatar
    Join Date
    April 25th, 2008
    Location
    Staten Island, NY
    Posts
    348
    Can you look at the headers? Sometimes the original email is attached or found below the text

  5. #5
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    Can you check the headers to verify that they are from your domain/ISP/acct? In Windows (Outlook/Express)you can right click and check properties without opening the email to see what's in it and who it's really from. I know you use a Mac, but not sure if the same options apply.
    I would close the acct first and then go about notifying folks, but I understand that sometimes that is not practical. If it is from a domain you control, you have more options in Control Panel, just contact the host. There are too many optional settings for email to have a one size fits all solution.

  6. #6
    ABW Ambassador flamingoworld's Avatar
    Join Date
    January 18th, 2005
    Posts
    5,208
    We had this issue last month, got this back from Rackspace on the issue:

    Spammers forge the From or Return-Path addresses on their messages to deflect blame onto innocent parties (or as an alternate means to get their spam messages to people). Poorly configured mail servers that accept mail for any address on a domain they host will then bounce undeliverable messages back to the Return-Path address - which gets the mail back to your users. We have seen a huge increase in reports of this problem, which in large part can be attributed to Google:

    http://tech.slashdot.org/article.pl?.../04/08/2258246

    They accept mail to any address on their hosted domains, which leads to much more "backscatter."

    The only thing you can do to combat the problem is to set up SPF records for your domains. These are special DNS records that list the valid sending IPs. If a mail server sees a message coming from an unlisted IP, they are supposed to reject it. However, not all servers check SPF records, so this is not wholly effective; however, Google does check them, so it will help with the largest offender.

  7. #7
    Full Member Jim Guinn's Avatar
    Join Date
    January 21st, 2007
    Location
    Bartonsville, Pennsylvania
    Posts
    414
    I had this problem about a year ago. It was not a case of a forged return path, but someone actually commandeered my mail program without my knowledge. Are you sure this is not the case with you? In any event, my ISP was most helpful in giving me steps to clean the culprit out of my mail program and putting safeguards in place.

    Jim

  8. #8
    ABW Ambassador Daniel M. Clark's Avatar
    Join Date
    January 7th, 2006
    Location
    Houston, TX
    Posts
    2,082
    Thanks for the replies, everyone Yep, I'm on a Mac, and I use the Mail program that comes with OS X. I don't *think* it's an issue of someone taking over my Mail software because I check about 40 email addresses in my Mail app... if someone had access to the app, it wouldn't likely be only one address they latched onto. And security on the Mac is a lot tighter, too.

    I looked through the full headers, but it's been so long since I've had to deal with stuff like this that I don't know what to look for anymore... and I was never great with email tech to begin with, I was always more of a hardware guy. Looks like I'll be killing off that email address... fortunately, it's one that is rarely used anymore, so I won't have many people/sites to notify.

    I hate spammers.
    Daniel M. Clark
    Tech Manager
    Greg Hoffman Consulting

  9. #9
    Member suniliu's Avatar
    Join Date
    March 7th, 2007
    Posts
    162
    I had this problem about a week ago, over 2300 returned/bounced emails...
    I did not know what to do, so I just deleted that particular email address.
    - Sunil

    [SIZE=1]The impossibility of today is a hint of what shall be...[/SIZE]

  10. #10
    Life is Supposed to be Fun! Rexanne's Avatar
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    12,360
    I got the same blast today Daniel. I get it once a month it seems. I guess they have each email addy they spoof on a monthly time table. I had more than 2000 in half an hour tonight. I'm dreading my inbox in the morning.

    There is a way to stop those from coming into your mail. I had it set up and then switched computers and lost the set up. Ask your host about it. I'm gonna have to do the same ... in the morning. I've had enough drama for one day, going to bed. LOL
    Peace,

    Rexanne

    Rexanne.com
    Loving Everyone's Child Creates Magic


  11. #11
    Outsourced Program Manager Chris -  AMWSO's Avatar
    Join Date
    January 18th, 2005
    Location
    Bangkok
    Posts
    11,273
    I had a one day hit of this on one account I rarely use late last week. About 100 or so then it stopped. It is so easy to spoof someone's email address and reply path that I don't think there is a lot you can do about it.

    Cheers

    chris
    Last edited by Chris - AMWSO; May 20th, 2008 at 08:12 AM. Reason: typos
    Affiliate Marketing by AMWSO. Skype - chrissanderson ::: TEL 1-720-336-1784 ::: www.amwso.net
    Join our affiliate programs :Vaper Empire, Iolo, Art of Tea, or See ALL our Programs here

  12. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Featured: Heads up - Feeds are jacked up, again!
    By Convergence in forum Rakuten LinkShare - LS
    Replies: 12
    Last Post: May 16th, 2014, 10:58 AM
  2. Guitar Trader Links Jacked Up
    By Trust in forum Commission Junction - CJ
    Replies: 0
    Last Post: March 4th, 2008, 06:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •