someone is using my email address to send spam

[PlatinumGold]

how do i stop it?

 

[Vegitto]

You don't. What's your e-mail address?

 

[ForumMaster]

change your password? get a new address? you might have a keylogger installed.

 

[PlatinumGold]

Originally posted by: ForumMaster
change your password? get a new address? you might have a keylogger installed.

keylogger on my pc?

 

[PlatinumGold]

i don't think it is a keylogger because i use 3 different pop addresses from the PC and only one of them has spam return email.

 

[Evander]

Maybe by chance, the spammer has masked the "from" field of the email to be your address

 

[loup garou]

You didn't really post any information usable for anyone to help you. What sort of email address is it? Free webmail? Your own domain? ISP account?

It's possible that your smtp server is an open relay and they are actually sending from your address (or, your account is a catchall and they are sending from a fake account and you're getting the bouncebacks). You can test it here.

More likely though is that your email address is being used on the return field and you're getting bouncebacks from nonexistant addresses or servers with some sort spam filtering.

How many bouncebacks are you getting? Can you post the headers of one of the messages?

 

[PlatinumGold]

Originally posted by: loup garou
You didn't really post any information usable for anyone to help you. What sort of email address is it? Free webmail? Your own domain? ISP account?

It's possible that your smtp server is an open relay and they are actually sending from your address (or, your account is a catchall and they are sending from a fake account and you're getting the bouncebacks). You can test it here.

More likely though is that your email address is being used on the return field and you're getting bouncebacks from nonexistant addresses or servers with some sort spam filtering.

How many bouncebacks are you getting? Can you post the headers of one of the messages?

it's my own domain, my address is the catchall and they are using fake email addresses.

this kind of sux because i set mine as the catchall on purpose.

 

[loup garou]

Originally posted by: PlatinumGold

Originally posted by: loup garou
You didn't really post any information usable for anyone to help you. What sort of email address is it? Free webmail? Your own domain? ISP account?

It's possible that your smtp server is an open relay and they are actually sending from your address (or, your account is a catchall and they are sending from a fake account and you're getting the bouncebacks). You can test it here.

More likely though is that your email address is being used on the return field and you're getting bouncebacks from nonexistant addresses or servers with some sort spam filtering.

How many bouncebacks are you getting? Can you post the headers of one of the messages?

it's my own domain, my address is the catchall and they are using fake email addresses.

this kind of sux because i set mine as the catchall on purpose.

I would definitely make sure your smtp server is not an open relay, but since you're a catchall, odds are they've probably just used a bunch of fake addresses in the return addresses.

Definitely run that test though and lock down your server if it is an open relay, so you don't get your domain blacklisted and out of common courtesy.

 

[PlatinumGold]

>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.

 

[loup garou]

Originally posted by: PlatinumGold
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.

:thumbsup:

 

[PlatinumGold]

Originally posted by: loup garou

Originally posted by: PlatinumGold
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.

:thumbsup:

so they are just using a bunch of fake addresses in the return addresses.

nothing i can do to prevent that huh.

 

[SagaLore]

Hold on, let's clarify.

Are you getting spam with yourself as the from?

Or, are others getting spam with yoruself as the from?

Or, is someone actually using your mail account to send the spam?

 

[PlatinumGold]

Originally posted by: SagaLore
Hold on, let's clarify.

Are you getting spam with yourself as the from?

Or, are others getting spam with yoruself as the from?

Or, is someone actually using your mail account to send the spam?

i'm getting a lot of returned email to my email address, hence i suspected someone was using my domain to send spam.

i was only partially correct. someone is using my domain with a random name xxx@domainname.com in the return address field.

the only thing i can do is to NOT use my email address as a catchall but frankly it's convenient for me to do so because of how i use this particular email domain.

 

[loup garou]

Originally posted by: PlatinumGold

Originally posted by: loup garou

Originally posted by: PlatinumGold
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.

:thumbsup:

so they are just using a bunch of fake addresses in the return addresses.

nothing i can do to prevent that huh.

Not really. You could block messages with "undeliverable" or whatever in their subjects in whatever sort of spam filter you may use, or set up a rule in your email client to automatically move such messages to another folder or delete entirely. Of course, any legitimate undeliverables will suffer the same fate. Or you could set up another account strictly as a catchall and check periodically.

 

[imported_hscorpio]

This was happening to me right after I got a new dsl modem with built in wireless router WEP enabled by default. Right after I set up an email account through verizon I got about a dozen 'failured delivery' messages that looked like someone was spamming through my connection. I disabled the wirelss and stopped getting anymore of those messages.