Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Returned emails that I didn't send

Posted on 2006-11-14
5
Medium Priority
?
326 Views
Last Modified: 2009-07-29
I am receiving returned emails that I never sent.  None of my sent boxes have this email so I'm not sure if this is a virus, my email account compromized, or if someone is taking on my identity.  I know that you can programmically use any from address that you want.  Any ideas?

Thanks.
0
Comment
Question by:azyet24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 17943542
When you hear hoofbeats, think horses, not zebras.

Most likely, some spammer is sending out E-Mail and forging your address in the From: line. And gullible E-Mail systems are returning the bounces to you. It's called joe-jobbing.

Detailed examination of the headers of the returned E-Mails would be necessary to support the other possibilities.
0
 

Author Comment

by:azyet24
ID: 17943702
MAILER-DAEMON@smtp04-01.prod.mesa1.secureserver.net

We're sorry. There's a problem with the e-mail address(es) you're trying to send to. Please verify the address(es) and try again. If you continue to have problems, please contact Customer Support at (480) 624-2500.

<byrne@first-funding.com>:
The e-mail message could not be delivered because there are no users here by that name.

--- Below this line is a copy of the message.

Return-Path: <My Email Address>
Received: (qmail 24742 invoked from network); 15 Nov 2006 02:18:26 -0000
Received: from pre-smtp21-02.prod.mesa1.secureserver.net ([64.202.166.37])
          (envelope-sender <My Email Address>)
          by smtp04-01.prod.mesa1.secureserver.net (qmail-ldap-1.03) with SMTP
          for <byrne@first-funding.com>; 15 Nov 2006 02:18:26 -0000
Received: (qmail 10063 invoked from network); 15 Nov 2006 02:18:26 -0000
Received: from c-71-235-82-195.hsd1.ct.comcast.net ([71.235.82.195])
          (envelope-sender <My Email Address>)
          by pre-smtp21-02.prod.mesa1.secureserver.net (qmail-ldap-1.03) with SMTP
          for <byrne@first-funding.com>; 15 Nov 2006 02:18:24 -0000
Received: from ([10.152.239.99]) (HELO AQVRE)
      by c-71-235-82-195.hsd1.ct.comcast.net (8.13.4/8.13.4) with SMTP id h032954006538a3Ir115112
      for <bsmith2cq@uplink.net>; Mon, 13 Nov 2006 09:18:28 -0800 (CDT)
      (envelope-from My Email Address)
Message-ID: <02e501c70747$bc8e66f0$c352eb47@AQVRE>
From: "bsmith" <My Email Address>
To: "bsmith2cq" <bsmith2cq@uplink.net>
Subject: Herbs, Grains, Vegetables, Fiber all in one pill, TRY FREE!
Date: Mon, 13 Nov 2006 19:12:15 +0200
MIME-Version: 1.0
Content-Type: text/plain;
      format=flowed;
      charset="us-ascii";
      reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2869
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962



The spam email then is below this.

Looks like what you said..a spammer, right?
0
 
LVL 97

Accepted Solution

by:
war1 earned 1000 total points
ID: 17943764
Greetings, azyet24 !

The header shows the last Recieve From IP address is 10.152.239.99.  The reverse IP address lookup shows Marina Del Rey, California.
http://ws.arin.net/cgi-bin/whois.pl

Yes, a spammer sent the email.


Best wishes!
0
 

Author Comment

by:azyet24
ID: 17943769
Is there anything that I can do on my end to not receive these emails?
0
 
LVL 97

Expert Comment

by:war1
ID: 17943891
Since it is a bounce back from your email address, there is not much you can do.  

If you are getting a lot of such emails, if there is a pattern to the Subject field, set a mail rule to filter it out.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question