very strange email goings on.....???
25 May 2005, 12:29 AM
#1
Scooby Regular
Thread Starter
Join Date: Sep 2003
Location: London(ish)
Posts: 1,194
Likes: 0
Received 0 Likes
on
0 Posts
very strange email goings on.....???
Just got in from t'pub, opened my personal gmail account to find a whole load of 'failed delivery notification' bounce's.
These are to let me know that a load of emails I didn't send, couldn't be delivered, underneith is page of un-readable symbols and rubbish like this (some of the header removed for security reasons):
host gmail-smtp-in.l.google.com [64.233.163.27]:
552 5.7.0 Illegal Attachment
------ This is a copy of the message, including all the headers. ------
------ The body of the message is 54409 characters long; only the first
------ 16384 or so are included here.
Subject: Your Email Account is Suspended For Security Reasons
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0004_817F005A.D17E5ADE"
X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on
uk2mxserver2-11.uk2.net
X-Spam-Level: *
X-Spam-Status: No, score=1.6 required=99.0 tests=MISSING_MIMEOLE,NO_REAL_NAME,
PRIORITY_NO_NAME,UPPERCASE_25_50 autolearn=no version=3.0.3
X-SA-Exim-Version: 4.0 (built Sat, 24 Jul 2004 09:53:34 +0200)
X-SA-Exim-Scanned: Yes (on uk2mxserver2-11.uk2.net)
1(ogKh|w,X[-DVq(F2QI)4y$R'QF,Еks kDA!O*Fa-.:bkIߜ0QD.
These are to let me know that a load of emails I didn't send, couldn't be delivered, underneith is page of un-readable symbols and rubbish like this (some of the header removed for security reasons):
host gmail-smtp-in.l.google.com [64.233.163.27]:
552 5.7.0 Illegal Attachment
------ This is a copy of the message, including all the headers. ------
------ The body of the message is 54409 characters long; only the first
------ 16384 or so are included here.
Subject: Your Email Account is Suspended For Security Reasons
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0004_817F005A.D17E5ADE"
X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on
uk2mxserver2-11.uk2.net
X-Spam-Level: *
X-Spam-Status: No, score=1.6 required=99.0 tests=MISSING_MIMEOLE,NO_REAL_NAME,
PRIORITY_NO_NAME,UPPERCASE_25_50 autolearn=no version=3.0.3
X-SA-Exim-Version: 4.0 (built Sat, 24 Jul 2004 09:53:34 +0200)
X-SA-Exim-Scanned: Yes (on uk2mxserver2-11.uk2.net)
1(ogKh|w,X[-DVq(F2QI)4y$R'QF,Еks kDA!O*Fa-.:bkIߜ0QD.
Last edited by mynickers; 25 May 2005 at 12:34 AM.
25 May 2005, 12:32 AM
#2
Scooby Regular
Thread Starter
Join Date: Sep 2003
Location: London(ish)
Posts: 1,194
Likes: 0
Received 0 Likes
on
0 Posts
But it gets more worrying, as the emails originating from my gmail that I didn't send, are to a domain that I own, and all email posted to that domain are forwarded back to my gmail. ie, send an email to mail@mydomain, and it gets forwarded to me@gmail.com.
The actual email set up for this domain is mail@mydomain.com, but the emails that couldn't be delivered were lots of random names, tracy@, Ben@, etc etc.
If it was outlook, I would be starting my virus scan right now, but it's online, what could of caused this, can't be a virus in my gmail account!
If it's a dodgey thing, why, what do they stand go gain?
Very strange, I am not too worried apart from, it does seem a bit too personal to be random, and why is someone ***king with my personal emails!?
Anyone shed any light?
Cheers
Nick
The actual email set up for this domain is mail@mydomain.com, but the emails that couldn't be delivered were lots of random names, tracy@, Ben@, etc etc.
If it was outlook, I would be starting my virus scan right now, but it's online, what could of caused this, can't be a virus in my gmail account!
If it's a dodgey thing, why, what do they stand go gain? Very strange, I am not too worried apart from, it does seem a bit too personal to be random, and why is someone ***king with my personal emails!?
Anyone shed any light?
Cheers
Nick
Last edited by mynickers; 25 May 2005 at 12:36 AM.
25 May 2005, 08:57 AM
#4
Scooby Regular
Join Date: Jun 2004
Location: house in a street on the earth
Posts: 1,028
Likes: 0
Received 0 Likes
on
0 Posts
Nick
Same thing on my home account for the last few days. It's spam bascially - they have got held of your domain and just put anything in front of it - your mail sender then tries to reply to people who dod not exist and you get all these non-transmital messages..... My stopped after a few days - just hit delete plenty of times with them all. BTW my virus checker found quite a few with small attachm,ents contraining viruses so that's also something to be aware of...
Andy
Same thing on my home account for the last few days. It's spam bascially - they have got held of your domain and just put anything in front of it - your mail sender then tries to reply to people who dod not exist and you get all these non-transmital messages..... My stopped after a few days - just hit delete plenty of times with them all. BTW my virus checker found quite a few with small attachm,ents contraining viruses so that's also something to be aware of...
Andy
25 May 2005, 09:01 AM
#5
Scooby Regular
Thread Starter
Join Date: Sep 2003
Location: London(ish)
Posts: 1,194
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by JackClark
You used your gmail account as the admin contact for the domain perhaps?
Yeah it is admin email...
But the spammy type stuff, (suposedly) originated from my gmail, being sent to loads of random names @mydomain. I am probably not explaining this very well.
Basically it looks like someone is using some sort of ghost mailer, but my confussion is why they are targeting my domain addresses! Strange, but it carried on all night, have an in box full of it!
25 May 2005, 09:14 AM
#6
Scooby Regular
Thread Starter
Join Date: Sep 2003
Location: London(ish)
Posts: 1,194
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by mightyyid
Nick
Same thing on my home account for the last few days. It's spam bascially - they have got held of your domain and just put anything in front of it - your mail sender then tries to reply to people who dod not exist and you get all these non-transmital messages..... My stopped after a few days - just hit delete plenty of times with them all. BTW my virus checker found quite a few with small attachm,ents contraining viruses so that's also something to be aware of...
Andy
Same thing on my home account for the last few days. It's spam bascially - they have got held of your domain and just put anything in front of it - your mail sender then tries to reply to people who dod not exist and you get all these non-transmital messages..... My stopped after a few days - just hit delete plenty of times with them all. BTW my virus checker found quite a few with small attachm,ents contraining viruses so that's also something to be aware of...
Andy
I'll just add it to the 200 odd spam and phishing attacks I get a day in gmail!
25 May 2005, 04:35 PM
#7
Scooby Regular
Join Date: Aug 2000
Location: Mid-Kent
Posts: 1,039
Likes: 0
Received 0 Likes
on
0 Posts
Yep, I'm getting it too, on my Freeserve Account. Has to be spam of some sort, since McAfee and Spybot both declare my machine 'clean', I have Spyware Blaster running in the B/G, and operate behind Netgear DSG834 and McAfee Firewalls. Kinda disturbing, bit irritating but AFAIK harmless.
Phil
Phil
Trending Topics
25 May 2005, 04:54 PM
#8
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Spybot is good - but not that good Try running the Malware bouncer from emco.is (you can find it in their free downloads section) - very effective scanner.
Also a lot of your good work and protection can be undone if you log into your machine with admin rights (come on, hands up - how many do it?). Most of these programs rely on anonymous accounts with admin rights to run and install. By removing the admin rights you go a long way to stopping this stuff being installed if it evades your blockers / AV etc.
Try running the Malware bouncer from emco.is (you can find it in their free downloads section) - very effective scanner.Also a lot of your good work and protection can be undone if you log into your machine with admin rights (come on, hands up - how many do it?). Most of these programs rely on anonymous accounts with admin rights to run and install. By removing the admin rights you go a long way to stopping this stuff being installed if it evades your blockers / AV etc.
25 May 2005, 07:50 PM
#10
Scooby Regular
Join Date: Aug 2003
Location: Epsom
Posts: 5,832
Likes: 0
Received 0 Likes
on
0 Posts
spammers just spoof the return address of their mails with your account details - when the recipent either doesnt exist or is declining the mail for some reason then it bounces back to you
25 May 2005, 08:54 PM
#11
Scooby Regular
Thread Starter
Join Date: Sep 2003
Location: London(ish)
Posts: 1,194
Likes: 0
Received 0 Likes
on
0 Posts
Cheers guys..
Like I said, I could work out what was going on, I just wondered why? THis has all just happened since I moved my domain to UK2.net, I used them years ago, and they were a mare. But I thought maybe now they've all made millions, they might of improved! And cause they're cheap, and so am I!
OOOH, Liverpool just scored - go on the reds!
Like I said, I could work out what was going on, I just wondered why? THis has all just happened since I moved my domain to UK2.net, I used them years ago, and they were a mare. But I thought maybe now they've all made millions, they might of improved!
And cause they're cheap, and so am I! OOOH, Liverpool just scored - go on the reds!
Thread
Thread Starter
Forum
Replies
Last Post
Pro-Line Motorsport
Car Parts For Sale
0
27 September 2015 11:19 AM