8 replies to this topic

[jacquibaby]

For the past week loads of spam about mortgages and cheap viagra has been sent using my address as a bounce address. So of course I am getting 6-700 returns a day! I also have been sent an email taking the mickey...look.....===========
Dear user of (my email address was here!), administration of (my email address was here!) would like to let you know that.

We have received reports that your email account was used to send a huge amount of junk e-mail during this week.
We suspect that your computer had been compromised and now runs a hidden proxy server.

We recommend that you follow instruction in order to keep your computer safe.

Best wishes,
The (my domain name was here!) team.
====================================
I have the headers of that email, and an ip address,but am stuck on who it belongs to, apparently it IANA , but they say they cannot help .
Anyone got any ideas about anything I can do? Thanks!
jacqui

[Bobbi Flekman]

I get spammed as well, and sometimes I even get spammed "from my own address". Most of the time you should just ignore this, unless your ISP is going at you.

If you want to know if you are running a hidden spam server, I suggest you post a HijackThis log in "Malware Removal" so we can see what is running on your computer.

[jacquibaby]

Thanks, just did that to make sure. Another 200 bounced emails to delete..sigh!

[lisasimpson]

Oh my. I'm sorry that that is happening to you. That must be awful.

[jacquibaby]

I resolved this by bouncing back any email not address to specific "people" at my domain. So I guess I'm bouncing back all of the bounce back messages!

[Burner]

I had the same problem. I got about 1300 emails on a 6 hour basis. In the beginning I tried to keep up with the messages and put filter in.

You can try that, most of the times those bounced messages start with specific prefixes (like MAILER.DEAMON.SERVER[BOUNCE])

And have it automaticly delete it.

But in the end I just gave up on it. About 300 emails were still getting trough my 81 filters, and I got complaints that some emails weren't reaching me.

Best thing to do, is to call your ISP request a new email address and just sent everybody a message saying you got a new email address from your new address.

Sincerely,
Burner

[cyberscan]

I was involved in a battle with spammers. Whenever I reveived a spam, I would enter fake information with my real phone number. Then, when these companies would call me, I gave them "what for" for buying their leads from a spammer. I would demand to talk to their supervisors, threaten legal action, tell them I will never do business with their company and so on. Many legit companies buy leads from spammers unawares and will terminate business relationships with those who cause them to lose customers. Anyway, after doing this for about a month, I started getting thousands of returned email messages. It seems that the spammers decided to forge my email address for a return address in their spam.

Since I am fortunate enough to have control of my domain, I went to a few of the websites advertised in the returned email and pasted a warning message in the comments section on their form pages. I warned them that I was about to change the ip address of my domain to that of the U.S. Army. I told them that since they were denying me the use of my domain, I was going to take them down with me by bringing the wrath of the US government on them. The DMA might be a good one to use instead of the U.S. Army

I posted my warning to only 2 websites, and the returned spams stopped within an hour. (Yes I had a way to C.M.A. had I gone ahead and made good on my threat).
Most people disagree with me on my offensive tactice to deal with Internet criminals, but I find that offensive tactics are the only thing that seem to work. I tried filters, complaining and such, but these methods are way too costly in terms of my time and my bandwidth. I would like to see those who write antispyware programs replace the spyware that they find with programs that cause the operators of spyware sites to be bombarded with visits, false information and such. If governemnts continue to refuse to do there jobs to protect people, then people need to take drastic action themselves. I personally am tired of having to constantly update my computer's security, buy antivirus programs, clear my inbox of garbage, and be afraid to use my Internet connection (which I pay for) because of cyber criminals. We should quit with all the useless flutter, go on the attack, and take the war to their camp.

[hushabi]

I was involved in a battle with spammers.  Whenever I reveived a spam, I would enter fake information with my real phone number.  Then, when these companies would call me, I gave them "what for" for buying their leads from a spammer.  I would demand to talk to their supervisors, threaten legal action, tell them I will never do business with their company and so on.  Many legit companies buy leads from spammers unawares and will terminate business relationships with those who cause them to lose customers.  Anyway, after doing this for about a month, I started getting thousands of returned email messages.  It seems that the spammers decided to forge my email address for a return address in their spam.

Since I am fortunate enough to have control of my domain,  I went to a few of the websites advertised in the returned email and pasted a warning message in the comments section on their form pages.  I warned them that I was about to change the ip address of my domain to that of the U.S. Army.  I told them that since they were denying me the use of my domain, I was going to take them down with me by bringing the wrath of the US government on them.  The DMA might be a good one to use instead of the U.S. Army

I posted my warning to only 2 websites, and the returned spams stopped within an hour.  (Yes I had a way to C.M.A. had I gone ahead and made good on my threat).
Most people disagree with me on my offensive tactice to deal with Internet criminals, but I find that offensive tactics are the only thing that seem to work.  I tried filters, complaining and such, but these methods are way too costly in terms of my time and my bandwidth.  I would like to see those who write antispyware programs replace the spyware that they find with programs that cause the operators of spyware sites to be bombarded with visits, false information and such.  If governemnts continue to refuse to do there jobs to protect people, then people need to take drastic action themselves.  I personally am tired of having to constantly update my computer's security, buy antivirus programs, clear my inbox of garbage, and be afraid to use my Internet connection (which I pay for) because of cyber criminals.  We should quit with all the useless flutter, go on the attack, and take the war to their camp.

Wow Good post, I'm in let go get em! :ninja:

[SherryThing]

Hi, I too am being inundated by non-deliverable notifications. Someone is sending hundreds of email out using email addresses with my company's domain name such as jghgakjdhjkas@mydomainname.com.

I have a web business, which is the domain name being used for all this spam, and on our website I have an autoresponder where people sign up via a form to get free samples (word templates) emailed to them. So I'm not sure whether the autoresponder on our server has been compromised, or whether my computer has been.

This has been going on for months now and it's driving me crazy. Every morning I go to check my email and I have around 100 of these bounced back emails and they continue to come in throughout the day. Sometimes I even get emails with one of our legit email addresses as the subject. Sometimes I also get emails coming from a real person's name using our domain email address, for example - cindy@mydomainname.com - when there is no cindy at my company.

What can I do to stop this? I'm concerned also that my business is going to be flagged as a spammer and since everything we do is via email, that could cause a real problem. I've spoken to our web host and they say there's nothing they can do - that's it's not actually coming off of our server.

Changing our domain name is obviously not an option, nor is our not using IE.

Any help would be very much appreciated. Thanks in advance.