someone is using my email address to send spam
- Thread starter PlatinumGold
- Start date
i don't think it is a keylogger because i use 3 different pop addresses from the PC and only one of them has spam return email.
You didn't really post any information usable for anyone to help you. What sort of email address is it? Free webmail? Your own domain? ISP account?
It's possible that your smtp server is an open relay and they are actually sending from your address (or, your account is a catchall and they are sending from a fake account and you're getting the bouncebacks). You can test it here.
More likely though is that your email address is being used on the return field and you're getting bouncebacks from nonexistant addresses or servers with some sort spam filtering.
How many bouncebacks are you getting? Can you post the headers of one of the messages?
It's possible that your smtp server is an open relay and they are actually sending from your address (or, your account is a catchall and they are sending from a fake account and you're getting the bouncebacks). You can test it here.
More likely though is that your email address is being used on the return field and you're getting bouncebacks from nonexistant addresses or servers with some sort spam filtering.
How many bouncebacks are you getting? Can you post the headers of one of the messages?
it's my own domain, my address is the catchall and they are using fake email addresses.
this kind of sux because i set mine as the catchall on purpose.
I would definitely make sure your smtp server is not an open relay, but since you're a catchall, odds are they've probably just used a bunch of fake addresses in the return addresses.
Definitely run that test though and lock down your server if it is an open relay, so you don't get your domain blacklisted and out of common courtesy.
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@decitechservices.com>
<<< 250 OK
>>> RCPT TO:<securitytest@abuse.net>
<<< 550-www.abuse.net [208.31.42.77]:63579 is currently not permitted to relay
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.
so they are just using a bunch of fake addresses in the return addresses.
nothing i can do to prevent that huh.
i'm getting a lot of returned email to my email address, hence i suspected someone was using my domain to send spam.
i was only partially correct. someone is using my domain with a random name xxx@domainname.com in the return address field.
the only thing i can do is to NOT use my email address as a catchall but frankly it's convenient for me to do so because of how i use this particular email domain.
Not really. You could block messages with "undeliverable" or whatever in their subjects in whatever sort of spam filter you may use, or set up a rule in your email client to automatically move such messages to another folder or delete entirely. Of course, any legitimate undeliverables will suffer the same fate. Or you could set up another account strictly as a catchall and check periodically.
This was happening to me right after I got a new dsl modem with built in wireless router WEP enabled by default. Right after I set up an email account through verizon I got about a dozen 'failured delivery' messages that looked like someone was spamming through my connection. I disabled the wirelss and stopped getting anymore of those messages.
TRENDING THREADS
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 313
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
Facebook
Twitter