Getting weird e-mails

[Bob]

I'm getting messages saying that a message sent is undeliverable, however I
never tried to send the message. I went to look at its details here's what I
found.

Received: from ocwjgi (eatkyo410131.adsl.ppp.infoweb.ne.jp
[220.145.135.131])by userg503.nifty.com with SMTP id j987Fms8030866; Sat, 8
Oct 2005 16:15:48 +0900
Authentication-Results: userg503.nifty.com [email protected];
sender-id=neutral; spf=neutral
Date: Sat, 8 Oct 2005 16:15:48 +0900
Message-Id: <[email protected]>
FROM: "Postmaster" <[email protected]>
TO: "Net Recipient" <>
SUBJECT: undeliverable message: returned to sender
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="zhsmnahifc"

Besides marking this a junk is there an attempt to abuse my e-mail server?
What else can I dp to stop this kind of sh...?

Any help appreciated,
Bob

 

[Alan]

I'm getting messages saying that a message sent is undeliverable, however
I never tried to send the message. I went to look at its details here's
what I found.

Received: from ocwjgi (eatkyo410131.adsl.ppp.infoweb.ne.jp
[220.145.135.131])by userg503.nifty.com with SMTP id j987Fms8030866; Sat,
8 Oct 2005 16:15:48 +0900
Authentication-Results: userg503.nifty.com [email protected];
sender-id=neutral; spf=neutral
Date: Sat, 8 Oct 2005 16:15:48 +0900
Message-Id: <[email protected]>
FROM: "Postmaster" <[email protected]>
TO: "Net Recipient" <>
SUBJECT: undeliverable message: returned to sender
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="zhsmnahifc"

Besides marking this a junk is there an attempt to abuse my e-mail server?
What else can I dp to stop this kind of sh...?

Any help appreciated,
Bob

See if you have been infected with spyware trying to 'phone home'. Spybot,
Adaware, and Microsoft's tools are free and pretty good. And update your
virus checker and do a full scan.

 

[Milly Staples [MVP - Outlook]]

These mails are probably being sent from a computer that is infected and has
the OPs email address. It is highly unlikely that the OP is sending these.

--
Milly Staples [MVP - Outlook]

Post all replies to the group to keep the discussion intact. All
unsolicited mail sent to my personal account will be deleted without
reading.

After furious head scratching, Alan asked:

| || I'm getting messages saying that a message sent is undeliverable,
|| however I never tried to send the message. I went to look at its
|| details here's what I found.
||
|| Received: from ocwjgi (eatkyo410131.adsl.ppp.infoweb.ne.jp
|| [220.145.135.131])by userg503.nifty.com with SMTP id j987Fms8030866;
|| Sat, 8 Oct 2005 16:15:48 +0900
|| Authentication-Results: userg503.nifty.com
|| [email protected]; sender-id=neutral; spf=neutral
|| Date: Sat, 8 Oct 2005 16:15:48 +0900
|| Message-Id: <[email protected]>
|| FROM: "Postmaster" <[email protected]>
|| TO: "Net Recipient" <>
|| SUBJECT: undeliverable message: returned to sender
|| Mime-Version: 1.0
|| Content-Type: multipart/alternative; boundary="zhsmnahifc"
||
|| Besides marking this a junk is there an attempt to abuse my e-mail
|| server? What else can I dp to stop this kind of sh...?
||
|| Any help appreciated,
|| Bob
||
|
| See if you have been infected with spyware trying to 'phone home'.
| Spybot, Adaware, and Microsoft's tools are free and pretty good. And
| update your virus checker and do a full scan.

 

[Vanguard \(NPI\)]

I'm getting messages saying that a message sent is undeliverable, however
I never tried to send the message. I went to look at its details here's
what I found.

You cannot prevent someone else from claiming that they are you. Spammers
and infected hosts running trojan mailer daemons are saying that their
e-mail address is your e-mail address. When they spew out their crap, an
extremely high percentage of the recipients to whom they send their crap
will not exist; i.e., most of their spew is undeliverable. A decent mail
server will reject the mail *during* the mail session with the spammer's
server. However, some are improperly configured or only forward any
incoming mails and instead they send out a *new* NDR (non-delivery report)
but AFTER the mail session is over. So where do you think that receiving
mail server is going to send back its NDR? To the e-mail address that the
sender claimed was theirs, so that will be you because the spammer or trojan
pretended they were you. Could be a spammer who used your e-mail address to
spew their crap. Could be a trojan mailer daemon on an infected host where
the user recorded your e-mail address in their phone books and the trojan
grabbed yours from there.

You cannot prevent anyone from falsifying your e-mail address. I could use
yours. You could use someone else's. It is whatever YOU configured in the
e-mail account that you defined your e-mail client to use. All you showed
was the NDR that you got from the receiving mail server. If you had
included the original message with headers (providing the NDR included it)
then the sender might be determined.

In fact, if the e-mail address in the headers of your post is your true
e-mail address, you just divulged it to an army of spambots that harvest the
newsgroups for e-mail addresses. At a minimum, and because you didn't munge
the domain, use one that isn't registered, or use example.com or
<domain>.invalid, you have energized spam to target the sgiims.com domain
and to whomever is hosting that domain (a traceroute to www.sgiims.com ends
at softwareprovider.com, but IP address 216.13.34.7 for www.sgiims.com is
allocated to allstream.com).