PDA

View Full Version : swamped with "undeliverables"



bruce666
16-08-2005, 12:11 PM
Suddenly my email is swamped with "message undeliverable" messages and similar "mailbox full," "still trying" etc automatic responses. They all refer to junk product spam sent from my email address. So has my computer been taken over or is someone else sending stuff but making it looks like it comes from me? I've done several virus and adware cleanups but it continues.

Safari
16-08-2005, 12:16 PM
Someone with a virus on their computer is sending out messages with your email address in the From Field.
Not much you can do about it except delete them and wait for it to stop.

personthingy
16-08-2005, 12:38 PM
Are you getting spam as well? If you are then there is a chance that some spamming ********* is using your address as a senders address. Often the "sender" addresses are just taken from the same data base as the "to" addresses.

Mailwasher did (still does?) return mail to the "sender". Guess what? today, your it!

If it doesn't go away, you may be forced to get a new address.

I suggest a closely guarded private address or two, and disposable public addresses for any forums or websites.

Laura
16-08-2005, 12:47 PM
Welcome to PressF1, bruce666.

Your symptoms have some similarity to the Swen worm/virus, which first appeared in September 2003.
(One of its attributes was multiple messages about undeliverable mail).
There was a removal tool created at the time. Google will find it for you - and it's worth a check.

But if it is Swen, your ISP should certainly have a filter by now to prevent the virus actually infecting your machine. So who is yoiur ISP? Does it give any indication these emails have been cleaned?

Sadly, the nuisance emails do continue for some time even without infection.
There are other nasties with similar symptoms, of course. This is just a thought...
And Googling is always a good option.

Terry Porritt
16-08-2005, 01:53 PM
Then there was this one a short while ago:

http://pressf1.pcworld.co.nz/showthread.php?t=57945

bruce666
17-08-2005, 11:00 PM
Thanks everyone for your help. I'm encouraged to think the flood may eventually abate.

1/ yes, it's the same "products" that I used to get spammed on, but the number of "undeliverables" is maybe ten times what the spam volume was.

2/ I use Mailwasher and that's a big help in cleaning out the mailbox fast.

3/ I did the Swen cleaner thing but it concluded with the message that the computer wasn't infected with Swen.

4/ I am with Woosh. They don't de-spam email but they have a tool that labels it - with fair accuracy - for ease of removal.

5/ The mail is coming to my business email address which is in the form of anyname@mybusiness.co.nz so it would be an operatic performance to change it I think.

waiting in hope
kind regards
Bruce

personthingy
18-08-2005, 02:40 AM
5/ The mail is coming to my business email address which is in the form of anyname@mybusiness.co.nz so it would be an operatic performance to change it I think. Is the flood coming to normal-name@mybusiness.co.nz or another-name@mybusiness.co.nz? If it is the later, a filter may be all you need. If it is the former, cross fingers, hope, whatever... This *may* pass!

Strommer
18-08-2005, 09:21 AM
Bruce, probably it is the "666" in your name.
If its not the devil, its the fundamentalists who are after you. :lol:

Trev
18-08-2005, 10:07 AM
I have had 2 undeliverable emails in the past week from someone I don't know or even tried to send an email to. I noticed they had an attachment to them. I just deleted them out of my system.

Trevor :)

bruce666
18-08-2005, 10:56 PM
Is the flood coming to normal-name@mybusiness.co.nz or another-name@mybusiness.co.nz? If it is the later, a filter may be all you need. If it is the former, cross fingers, hope, whatever... This *may* pass!


Thanks,
1/ they are being "returned" to an-infinite-bunch-of-other-dumb-names@mybusiness.co.nz

and

2/ they have stopped for now, as abruptly and inexplicably as they started. Perhaps the villain has run through his/her/its full list of email addresses and has gone off to steal more.

kind regards
Bruce

personthingy
19-08-2005, 10:36 AM
2/ they have stopped for now, as abruptly and inexplicably as they started. Perhaps the villain has run through his/her/its full list of email addresses and has gone off to steal more.This is good news, but it may not be how it will stay.The fact that your "undeliverables" came with an attachment suggests that this is indeed the result of a virus. I suspect someone who has your domain on thier computer had a virus that allowed some spamming ******* to use thier machine as a zombie. They've either sorted it out, or aren't using the net at the moment.

1/ they are being "returned" to an-infinite-bunch-of-other-dumb-names@mybusiness.co.nz
OK, sounds like you'd benefit from a system not unlike what i run for the millerton.co.nz mail.

I don't know who handles your email before you get it, so the exact details of how to set this up for you are difficult to define. I can only post how i've done this.

My email and domain registration are handled by www.registerdirect.co.nz they allow me 10 mailboxes per domain, and infinate aliases.

My email is split into three mailboxes.

-One mailbox for private addresses
This takes the form of address for "trusted people at www.millerton.co.nz" (obviously i'm not going to write the real address here) This is for the people i deal directly with. the actual address is given out on a one to one basis to those i can trust with it. Anything sent here is direct to my inbox. Theres a spam filter that deals out the occational email that comes to this address, but spam is rare.

-One mailbox for public addresses.
This is wildcarded, so you could write to "anything you like at www.millerton.co.nz", and it will arrive at this mailbox. This box does get read, but not with the priority of my inbox. This is where addresses on my website will go, or random attacks similar as to what you had would end up. Once i get more spam coming through from the address listed on my website than i can be bothered with, i change the address, and move the old alias address to the third mailbox. If i suscribe to anything, such as www.pressf1.co.nz the address given is specific to that forum. That way if i were to start getting spam on that address, i'd know why, and only block mail sent to that address. I wrote off "bravenet" for that very reason, i got a lot of spam arrive at an address i only ever gave to bravenet. The address i gave them is now in the third mailbox.

-one mailbox for junk@millerton.co.nz
This is for addresses that are well and truly in the hands of spam inc. Send an email to chris@millerton.co.nz, and it will end up here as that is an address that gets 20-30 spams a day. I have it collected by an email client that puts it in a box called "trash@millerton" and every month or so i delete a few hundred items of junk. As you can see, i'm quite happy to run anything in the third mailbox as a honeypot. Anything sent here is one less thing sent to a real address.

Your email provider may be able to bounce bad email addreses for you, so if you were to get 10 spams a day for debbie@businessname.co.nz , you could have that configered so future email for debbie bounces back and you'd never see them. (i'm assuming that there's no-one called debbie who might want her mail )

HTH

Metla
19-08-2005, 10:45 AM
All you need to do is configure it so any email not sent to a specific email address is deleleted automaticlly at the server end.

Its a snap to make the mail.domainname.co.nz address a black hole.

personthingy
19-08-2005, 11:01 AM
Its a snap to make the mail.domainname.co.nz address a black hole.

Not allways... i have the choice of sending all nonspecified addresses to a blackhole, or an exsisting mailbox. I do not have the choice to send specific addresses to a blackhole, unless i create my own, hence mailbox 3, see above.

Metla
19-08-2005, 11:06 AM
The mail.domainname.co.nz is the catch-all address,meaning it recieves all emails ending in your domain name......