Thousands of Delivery Failure messages

[cliffskier]

I have received over 3000 delivery failure messages in the last 36 hours for messages I could not have sent. The tracking URLs for a couple of examples are below:

http://www.spamcop.net/sc?id=z5944274385z4...bf96ce8ee83d10z

http://www.spamcop.net/sc?id=z5944283460za...5c4674e1674bf7z

There are a number of variations from different responders including a lot of Ohio state agencies.

As near as I can make out, this seems to involve a mailing list, ConsumerAdvocateMembers[at]ag.state.oh.us. All of the bounce messages are sent to that address and they appear to be copied to me. I think the original spam is being sent under the guise of that address, and when it bounces the failure messages are copied to everyone on the list. But then, I don't know why I would be on that list. I have not been able to learn anything about the list through any searches.

I don't see anything in the headers of the original message or the delivery failure message that would suggest that the originals come from my e-mail or are even spoofed to appear that they are sent by me. My SMTP server limits sent messages to 250 per day anyway, so there is no way 3000+ could have been sent from my account.

Any ideas what is going on here or how to stop the messages?

[rconner]

Possibly the spammer forged your address into some of his outgoing messages. He does this to improve chances of delivery. Any bounces that result go to you and not to him, but he doesn't care about this.

He doesn't need any information about you to do this, just your address. So, it shouldn't be terribly worrisome and is not by itself evidence that you have been "hacked" (or whatever the current term may be).

This stuff happens from time to time, if you just sit it out then it will probably fade in a few days when the last mail server gives up trying to deliver the last of the forged messages.

-- rick

[MainID]

I have received over 3000 delivery failure messages in the last 36 hours for messages I could not have sent.

<snip>

As near as I can make out, this seems to involve a mailing list, ConsumerAdvocateMembers[at]ag.state.oh.us. All of the bounce messages are sent to that address and they appear to be copied to me.

<snip>

Any ideas what is going on here or how to stop the messages?

I get this also. I call it retaliation spam. As it not really spam as its comming from a valid list response.

Someone associated with the ag.state.oh.us placed your address in the list response as a payback for some unknown reason. I get this from the Stanford Edu mailing list (over 3000 of them). I was placed on the reply to list after I reported one of their IP's for having a Bank of America phishing page to their network administrators. Guess they fowarded the complant to that student with my email address and they retaliated by placing me on every list they could find.

I contacted their network abuse and asked that my email address be purged from their network and filtered from any outgoing mailings. Guess it worked as they mainly stopped.