Results 1 to 5 of 5
  1. #1
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Can anyone give me a hand. I have written to AOL and my ISP but I am still getting bombarded by bounce backs. I think someone is using my domain as a reply to field and sending out tons of spam. I am getting a whole boat load of bounce back. Here is the full header, can anyone tell me if this is is coming from an AOL account? I need some serious help as I don't know how to interpret this:

    Return-Path: <>
    Received: from ([unix socket])
    by (Cyrus v2.1.11-SDF) with LMTP; Sat, 17 Jan 2004 23:31:54 -0800
    X-Sieve: CMU Sieve 2.2
    Received: from ([])
    by with esmtp (Exim 4.05)
    id 1Ai7PV-0004UB-00
    for; Sat, 17 Jan 2004 23:31:53 -0800
    Received: from ([])
    by with esmtp (Exim 4.22)
    id 1Ai7PV-000Dqn-49
    for; Sat, 17 Jan 2004 23:31:53 -0800
    Received: from ( []) by (v97.10) with ESMTP id RELAYIN8-9400a36662ab; Sun, 18 Jan 2004 02:31:50 -0500
    Received: from localhost (localhost)
    by (8.8.8/8.8.8/AOL-5.0.0)
    with internal id CAB04705;
    Sun, 18 Jan 2004 02:31:50 -0500 (EST)
    Date: Sun, 18 Jan 2004 02:31:50 -0500 (EST)
    From: Mail Delivery Subsystem <>
    Message-Id: <>
    To: <>
    MIME-Version: 1.0
    Content-Type: multipart/report; report-type=delivery-status;
    Subject: Returned mail: User unknown
    Auto-Submitted: auto-generated (failure)
    X-Scanner: OK. Scanned.

    Ian Lee, M.Sc.

    Internet Marketing Strategist

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    This could just be a variant of the klez virus. you aren't infected, but someone who has your email address either in their cache or address book is infected. So they are sending out emails as you, or sometimes they will do it just as a user at your domain.

    There really isn't much you or your isp can do as the bounces will come from everywhere and have different subject lines.

    Filtering it out is also hard, because often the body of the mail is empty, and there is just an attachment - the virus, and since the bounces do not bounce back the attachment, you can't filter on that.


  3. #3
    Full Member garystarling's Avatar
    Join Date
    January 17th, 2005
    If it helps I have been getting these too! They started 2 or 3 days ago and now I had over 150 in my inbox this morning. If you open the message attached you will see it includes a link to a medical site that proposes to enlarge your assets.

    I have checked the headers on the received emails, there is nothing that shows it is my server or my computer spewing these mails. So like you my site is being used as a spoof return address.

    The website includes the word medalive in its address (it's not a .com) and also includes affiliate type IDs in the link.

    I have been unable to determine a pattern as it seems the original emails are being sent via a variety of IP addresses, however AOL servers seem to be at the heart of this.

    All the subject headings seem to be random phrases in order to get through spam blockers and content has key words altered ( to further stop junk mail filters.

    At the moment it is easier to just create rules to put them straight in the deleted folder.

    One other point is the user name for the return is different each time, none have accounts on my server

    'I am not young enough to know everything.'
    - Oscar Wilde

  4. #4
    ABW Ambassador
    Join Date
    January 18th, 2005
    It definitely seems like someone is spoofing your email address as the sender in their spams. If yours also include the medalive reference, there is only the that is a live site and it is a p*n*s enlargement site.

    If so, check out and .

    You can get the email address of the registrant (***, the DNS server names ( as well as contact names for the actual website.

    Contact each of these explaining the problem and the medalive site should get shut down pretty quickly.

    Of course they will pop back up next week with another website and you can have more fun shutting them down.

    Don't forget to let your host know of the problem also, and that it isn't you sending these emails.

  5. #5
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Thanks for the info eveyone. I appreciate it.

    Ian Lee, M.Sc.

    Internet Marketing Strategist

  6. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Forums + SPAMS
    By Kate_Oranum in forum Spam
    Replies: 7
    Last Post: May 26th, 2012, 09:04 AM
  2. 92 Spams per Hour
    By Ron Bechdolt in forum Midnight Cafe'
    Replies: 25
    Last Post: April 27th, 2008, 09:27 AM
  3. Another AM Spams via PMs
    By Haiko de Poel, Jr. in forum Midnight Cafe'
    Replies: 36
    Last Post: February 21st, 2006, 08:51 AM
  4. Rolex Spams
    By Affiliate Ian in forum Midnight Cafe'
    Replies: 3
    Last Post: October 27th, 2004, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts