Undelivered mail that I haven't sent?

[Uno Hoo!]

I keep receiving e-mails like this:

---------------------------------------------------------

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

(e-mail address removed)
SMTP error from remote mailer after RCPT TO:<[email protected]>:
host sunsetdirect.com.inbound.mxlogic.net [216.183.119.107]:
550 Rejected by final destination

------ This is a copy of the message, including all the headers. ------

Return-path: <[email protected]>
Received: from user-3696.l6.c1.dsl.pol.co.uk ([84.66.46.112]
helo=lunn11.freeserve.co.uk)
by cmailm1.svr.pol.co.uk with smtp (Exim 4.14)
id 1C02MG-0002Td-VK
for (e-mail address removed); Wed, 25 Aug 2004 19:18:53 +0100
Message-ID: <[email protected]>
From: "Mail Delivery Subsystem" <[email protected]>
To: (e-mail address removed)
Subject: MAILER-DAEMON Returned mail: User unknown
Date: Wed, 25 Aug 2004 19:18:52 +0100
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII

The original message was received at 25/08/2004 19:18:52 -0100 from
168-226-113-111.speedy.com.ar
----- The following addresses had permanent fatal errors -----
<[email protected]>
(expanded from: <[email protected]>)

----- Transcript of session follows -----
mail.local: unknown Name: kevlunn
550 <[email protected]>... User unknown


Reporting-MTA: dns; mx1.lunn11.freeserve.co.uk
Received-From-MTA: DNS; 168-226-113-111.speedy.com.ar
Arrival-Date: 25/08/2004 19:18:52 -0500

Final-Recipient: RFC822; <[email protected]>
X-Actual-Recipient: RFC822; (e-mail address removed)
Action: failed
Status: 5.1.1
Last-Attempt-Date: 25/08/2004 19:18:52 -0100

----------------------------------------------------------

(e-mail address removed) is my correct e-mail address but I am not
sending these e-mails. I have done a full scan of my system with AVG and
with Ad-aware (I also have spy-blaster installed) and all come up clean. Is
my system sending out these e-mails or has someone hi-jacked my e-mail
address? If the latter - is there anything I can do about it?

Kev

 

[Julian Moss]

----------------------------------------------------------

kevlunn@....... is my correct e-mail address but I am
not sending these e-mails. I have done a full scan of my system with
AVG and with Ad-aware (I also have spy-blaster installed) and all
come up clean. Is my system sending out these e-mails or has someone
hi-jacked my e-mail address? If the latter - is there anything I can
do about it?

Kev

1. Most worms these days spoof the "from" address using an address
found on the infected system. You probably aren't infected, but someone
who has your address in their address book or some file on their hard
disk, perhaps a friend of yours, is.

2. No, there isn't anything you can do about it.

3. By posting your email address in full to a newsgroup (several times
in one message, just to make sure!) you have just ensured that your
address is now stored on many more computers. And now spammers will be
able to get it too!

 

[Theo]

berlin.de:



Or you used your real address in public places like newsgroups or your own
website... which are often scanned for addresses. Create a free yahoo
account or from one of their competitors and use that for everything except
for those you really trust.

Even then, dont use that one on a newsgroup unless its moderated (which
need working emails). Otherwise use something like
"(e-mail address removed)" or "myemail AT myisp DOT com" (which it
looks like you already did for your sendto header... but not in your
message body). These automated programs scan inside messages as well for
obvious email patterns.

Whoever made one of the early sven variants harvested my yahoo email from a
newsgroup in this manner (from only one group mind you, as I only used this
email in one). But better the yahoo one than my personal email.

 

[steve]

Or you used your real address in public places like newsgroups or your own
website... which are often scanned for addresses. Create a free yahoo
account or from one of their competitors and use that for everything except
for those you really trust.

Or use a ISP that filters all the crap for you. Then you can use a
real address. Fake addresses are a PITA for people who really need to
contact you.


Steve

 

[Julian Moss]

Or use a ISP that filters all the crap for you. Then you can use a
real address. Fake addresses are a PITA for people who really need to
contact you.


Steve

There isn't a spam filter yet invented that can distinguish between
spam and wanted mail with 100% accuracy. Spam filters are much better
than nothing, but they still cause problems. It's better still to avoid
getting spam in the first place.

 

[steve]

There isn't a spam filter yet invented that can distinguish between
spam and wanted mail with 100% accuracy. Spam filters are much better
than nothing, but they still cause problems. It's better still to avoid
getting spam in the first place.

In my experience Brightmail is almost 100% effective at catching spam
with zero false positives. All my important mail comes in via
redirection so I can monitor the transit if necessary. When Brightmail
first arrived I maintained a check for two months. There were no false
positives. I am confident that I can trust the filters not to kill any
of the mail that I want.


Steve

 

[GSV Three Minds in a Can]

Or use a ISP that filters all the crap for you. Then you can use a
real address. Fake addresses are a PITA for people who really need to
contact you.

Seconded. Several news providers and some ISPs now refuse to let you
post with munged addresses .. mine'll let me post news that way, but
gets uppity and bounces emails sent through their SMTP server if I use
the same munging .. this is such a PITA (given I flip between email and
news a lot, and don't want to have to change personality each time) that
I just use a real one, with real aggressive spam filtering.

 

[Theo]

(e-mail address removed) wrote in @4ax.com:

Or use a ISP that filters all the crap for you. Then you can use a
real address. Fake addresses are a PITA for people who really need to
contact you.

There are real address for people you want to correspond with, %100 fake
addresses, addresses that require a half second of effort to remove
antispam fillers, and public addresses that you use for noncritical
contacts. Yes its all extra effort on our part. But so is spending time
shredding all those unsolicited credit card applictions we get to make it
harder for other people to commit fraud in our names. Its a brave new
world.

 

[Julian Moss]

In my experience Brightmail is almost 100% effective at catching spam
with zero false positives. All my important mail comes in via
redirection so I can monitor the transit if necessary. When Brightmail
first arrived I maintained a check for two months. There were no false
positives. I am confident that I can trust the filters not to kill any
of the mail that I want.


Steve

Just looked at Brightmail's website, and I see they've been taken over
by Symantec. So that's the end of that, then.

 

[Uno Hoo!]

Many thanks to everyone for the advice. I do use an altered e-mail address
on newsgroups (which you can see if you check this posting) but I agree I
was careless with the original post. Nothing's easy these days is it!!

Kev

 

[steve]

Just looked at Brightmail's website, and I see they've been taken over
by Symantec. So that's the end of that, then.

Brightmail has improved since Symantec took over but that's probably
just a coincidence. The spam I get has dropped to nearly zero since my
ISP signed up Brightmail at the beginning of this year. I have been
using a real e-mail address on usenet and the web for many years so I
will be on every spam list going. I'm a pretty good test case for spam
filtering. Any service that cuts my spam down to nearly zero is worth
a fortune. No doubt Symantec will soon be charging a fortune


Steve

 

[Theo]

given I flip between email and
news a lot, and don't want to have to change personality each time

sounds like outlook express... something to be avoided IMHO ;o)

 

[GSV Three Minds in a Can]

sounds like outlook express... something to be avoided IMHO ;o)

Read my headers.
8>.

 

[Theo]

Read my headers.
8>.

headers are too hard...jk ;o)

 

[GSV Three Minds in a Can]

headers are too hard...jk ;o)

Not with a decent newsreader. alt-v, alt-a.