bogus mail flood

Vic Dura

What's with the flood of bogus "bounced" or "returned" email lately?
They all have subjects like "bounced mail", "returned mail", "report",
"error" or whatever. Most of them say to look inside the attached zip
file, which is only a few bytes in size, often just 1 or 2 bytes. The
emails themselves are usually about 1k or 2k in size.

This has been going on for a couple of weeks. Now I'm getting about 80
to 100 of them daily, fortunately caught by MailWasher. Are there any
NGs that specialize in reporting and discussing these kinds of
flood/attacks?
 
Sparky

Vic said:
What's with the flood of bogus "bounced" or "returned" email lately?
They all have subjects like "bounced mail", "returned mail", "report",
"error" or whatever.

I've been receiving an increasing number of these. They are bounced to
"postmaster" at my domain.

In analyzing the headers and talking with my (local) domain host, they
appear to be *legitimately* bounced mail from *legitimate* mail servers.

Spammers are increasingly forging the "from" headers. When spammers
spam an account that's invalid, they generate what I'm seeing (as
postmaster of my domain) and, possibly, what you're seeing.

At this point, there's no solution. MS, Yahoo and others are in the
process of setting up a new system to verify emails' origins but that's
still a way off.

hth,
-Sparky
 
Gordon Abbot

Vic said:
What's with the flood of bogus "bounced" or "returned" email lately?
They all have subjects like "bounced mail", "returned mail", "report",
"error" or whatever. Most of them say to look inside the attached zip
file, which is only a few bytes in size, often just 1 or 2 bytes. The
emails themselves are usually about 1k or 2k in size.

This has been going on for a couple of weeks. Now I'm getting about 80
to 100 of them daily, fortunately caught by MailWasher. Are there any
NGs that specialize in reporting and discussing these kinds of
flood/attacks?

Happened to me. You can check the message source and see who is
generating them from the bottom "received from" address and use whois to
ID the sender or the sender's ISP.

It could be a worm, virus or spammer (who got your address and is using
it to cover their tracks). I actually found it was a spammer in Hong
Kong. I emailed the ISP (who was legit) that someone (I sent the source
ID) was Spamming in my name and the bounced messages abruptly ended.

GA
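
Many bounces attach a copy of the message that was rejected, and its headers are where the header check discussed in this thread starts. The following is an added example, not part of any poster's message: it pulls that embedded message out of a constructed, simplified bounce and lists its Received hops oldest first. The sample hosts, IP addresses and function names are made up for illustration.

```python
import email
import re
from email import policy

# Constructed, simplified bounce; all hosts and IPs are documentation placeholders.
SAMPLE_BOUNCE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
\tby mail.mydomain.example; Mon, 1 Jan 2024 10:00:05 +0000
From: MAILER-DAEMON@mx.recipient.example
To: postmaster@mydomain.example
Subject: Returned mail: user unknown
Content-Type: multipart/mixed; boundary="BND"

--BND
Content-Type: text/plain

User unknown.
--BND
Content-Type: message/rfc822

Received: from unknown (HELO mydomain.example) (203.0.113.45)
\tby mx.recipient.example; Mon, 1 Jan 2024 10:00:01 +0000
From: postmaster@mydomain.example
To: nobody@recipient.example
Subject: constructed spam sample

body
--BND--
"""

IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def embedded_original(bounce_text):
    """Return the rejected message a bounce carries as message/rfc822, or None."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def received_hops(msg):
    """Return (source_ip, recording_host) per Received header, oldest hop first."""
    hops = []
    for hdr in reversed(msg.get_all("Received", [])):
        ip = IPV4.search(str(hdr))
        by = re.search(r"\bby\s+([\w.-]+)", str(hdr))
        hops.append((ip.group(0) if ip else None, by.group(1) if by else None))
    return hops
```

Only a hop recorded by a server you recognise, here the one that sent the bounce, can be relied on; Received lines beneath it were supplied by the sender and may be forged.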
 
John Corliss

Vic said:
What's with the flood of bogus "bounced" or "returned" email lately?
They all have subjects like "bounced mail", "returned mail", "report",
"error" or whatever. Most of them say to look inside the attached zip
file, which is only a few bytes in size, often just 1 or 2 bytes. The
emails themselves are usually about 1k or 2k in size.

This has been going on for a couple of weeks. Now I'm getting about 80
to 100 of them daily, fortunately caught by MailWasher. Are there any
NGs that specialize in reporting and discussing these kinds of
flood/attacks?

Vic,
Like Sparky says, it's the result of spammers using your email
address in the "From" header line. I used to get those in the past until
I contacted my ISP and changed my user ID to a randomized sequence of
alphanumeric characters. For a long time, I was getting absolutely no spam.

Then my cousin Nancy sent me an "e-card" even though I specifically
asked everybody in my address book not to do so. In the process, of
course she gave away my email address to the e-card company and now I'm
getting about two or three phishing attacks every week.

My ISP uses the most excellent SpamAssassin:

http://spamassassin.apache.org/index.html

on their server, so of course I see none of these unless I go to their
website and check the junk backup folder on their server for my account.

Spam is also the main reason I took down my websites. My ISP uses their
own domain as well as its customers' usernames in the website addresses
for its customers' personal websites. The result is that spammers can
easily come up with an email address from such a website address, and a
flood of spam follows shortly after. I've complained to my ISP about
this but they claim that there's no way around it.

--
Regards from John Corliss
My current killfile: Chrissy Cruiser, Slowhand Hussein
No adware, cdware, commercial software, crippleware, demoware, nagware,
PROmotionware, shareware, spyware, time-limited software, trialware,
viruses or warez please.
 
Vic Dura

Then my cousin Nancy sent me an "e-card" even though I specifically
asked everybody in my address book not to do so. In the process, of
course she gave away my email address to the e-card company and now I'm
getting about two or three phishing attacks every week.

Yeah, it's pretty difficult to hide from spammers for very long.

Thanks for the comments.
 
