Strange Spam

[Ex_OWM]

I have my own domain name example.com and I using email forwarding/catchall
I use individual email addresses for various purposes in the format of
(e-mail address removed), (e-mail address removed), (e-mail address removed),
etc.

Recently, I have been getting a lot of spam against that domain name, much
of it is obvious dictionary attacks but quite a lot of it is showing as from
various email addresses on that domain that I have actually used in the
past.

I don't think it is a case of people selling on my email address, some of
these are very respectable organisations and there are just too many of them
happening at the same time. I don't think it's a key trapper as I haven't
actually used some of these addresses for a very long time. I don't think
it's a Trojan taking control of Outlook as I'm not getting bounces from
rogue mail being sent out using these as return addresses.

I'm running XP SP3, Windows firewall, AVG 8 and Windows Defender as my main
protection and occasionally run Lavasoft Adaware and Spybot Search &
Destroy, none of which are finding anything untoward.

Am I missing anything here or does anyone have any suggestions as to how
these addresses may have been picked up?

 

[Whiskers]

["Followup-To:" header set to 24hoursupport.helpdesk.]

Am I missing anything here or does anyone have any suggestions as to how
these addresses may have been picked up?

Bots scraping web forums, blogs, usenet posts, etc. People thoughtlessly
'forwarding' those stupid emails about 'urgent warnings' and 'missing
child' and 'this is funny' etc. Clicking on 'unsubscribe me' or 'report
this as spam' links in spam.

 

[Ex_OWM]

One or more of your correspondents has or had an infected computer, ie,
your addresses were harvested. That fact that the correspondents are
respectable organisations doesn't protect them.

As the adrresses have been strictly limited to exchanges with the
organistions, all of them would have had to be infected around the same time
which seems unlikely.

There's nothing you can do about this. It's of course possible that your
computer has been zombified, but your security measures make this unlikely.

I also think it's unlikley but I'm feeling a bit nervous that something has
slipped under the radar.

 

[Ex_OWM]

It's okay, guys, I have it figured out.

I thought these IP addresses had never been published anywhere but I realise
now that at least some of them have - I used the ISP ones as contact email
addresses on other domain names registered with them so obvuously they would
have been available on a Whois lookup.

On that basis, I'm sure that I think about it long enough that I'll remember
that somewhere, sometime that I've used the others.

That was what my underlying concern was - that I was sure these were not
just a dictionary attack but I couldn't think where they might have been
harvested, sorry for giving misleading information.

 

[John]

I have my own domain name example.com and I using email forwarding/catchall
I use individual email addresses for various purposes in the format of
(e-mail address removed), (e-mail address removed), (e-mail address removed),
etc.

Recently, I have been getting a lot of spam against that domain name, much
of it is obvious dictionary attacks but quite a lot of it is showing as
from various email addresses on that domain that I have actually used in
the past.

I don't think it is a case of people selling on my email address, some of
these are very respectable organisations and there are just too many of
them happening at the same time. I don't think it's a key trapper as I
haven't actually used some of these addresses for a very long time. I
don't think it's a Trojan taking control of Outlook as I'm not getting
bounces from rogue mail being sent out using these as return addresses.

I'm running XP SP3, Windows firewall, AVG 8 and Windows Defender as my
main protection and occasionally run Lavasoft Adaware and Spybot Search &
Destroy, none of which are finding anything untoward.

Am I missing anything here or does anyone have any suggestions as to how
these addresses may have been picked up?

Trade in that AVG and get one that has a stronger Spam filter.
AVG is not that good of a program anyway.