Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About slyworme

  • Rank
  1. slyworme

    Is this my email spoofer?

    Thanks for the reply. Just to clarify - the best person to contact in this case would be the Registrant (Mr Almutairi) or the IP host (Virtacore Systems Inc)?
  2. Hi, I have had my email account spoofed for around a year now. It happens in bursts lasting 2 weeks or so then is quiet for a month or so before re-starting. I have checked all the bounce-back messages I receive but there is no information I can see that is any use...until today when I started receiving the following bounce-back: "This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a temporary error. The following address(es) deferred: policyexpert.co.uk@mail57.wdc03.rsgsv.net Domain eoneltd.com has exceeded the max emails per hour (1103/1000 (110%)) allowed. Message will be reattempted later ------- This is a copy of the message, including all the headers. ------ Received: from [] (port=51287 helo=tenxr.com) by host.althuq.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)" A quick whois check points to this entry: Registrant Org ahmed almutairi is associated with ~16 other domains Registrar GODADDY.COM, LLC Registrar Status clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited Dates Created on 2007-09-11 - Expires on 2018-09-11 - Updated on 2014-08-27 Name Server(s) NS1.ALTHUQ.COM (has 6 domains) NS2.ALTHUQ.COM (has 6 domains) IP Address - 4 other sites hosted on this server IP Location - Virginia - Sterling - Virtacore Systems Inc ASN AS14383 VCS-AS - Virtacore Systems Inc, US (registered May 12, 2005) Among the other site hosted on the same server is the althuq.com listed in the bounce-back. Is there a good chance that this is the person spoofing my email? I am aware that they may not even realise they are doing it if their computer/server has been compromised. If this is a good indication that they are responsible, who is the best person to inform? Thanks, Mike