So, someone is sending spam from my e-mail...

[Lokik]

I recently got many e-mails from postmaster[at]mail.hotmail.com ("Delivery Status Notification (Failure)â€"), and it seems someone is using my e-mail to send spam now. The failed mails had a small attachment, plus they had URLs to some websites. This kind of thing is very new to me, and English is not my first language so all this reporting seems very complicated.

I checked the info of the messages, and they showed this:

X-Originating-IP: [187.131.160.139]

I tracked the IP address to Juarez, Mexico. Is this the IP of the spammer who is using my e-mail? Is there anything I can do about it?

Sorry if this is not the right place to ask this, wasn't quite sure about it.

[rconner]

They aren't really "sending from your e-mail," what they have done specifically is just to forge your address into their outgoing messages. To use a (paper) post office analogy, it's as if they had mailed a letter on which they put your name and address in the top left corner. It takes no particular trickery and requires no information other than the address itself.

It's unlikely that the spammers know or have anything about you other than just the text string that is your address. This kind of forgery is very common among spammers and generally isn't anything to worry about since everyone (including you now) knows that from-addresses aren't trustworthy as an indication of the origin of spam.

Here's a page with some more detail on the matter if you care to read it.

-- rick

[alvarnell]

There is another possibility that your e-mail account has been hacked if you had a password that was easy to guess. If this continues I would change such a password to something much harder to break and see if that doesn't stop it.

[rconner]

There is another possibility that your e-mail account has been hacked if you had a password that was easy to guess. If this continues I would change such a password to something much harder to break and see if that doesn't stop it.

While it is always a good idea to use strong passwords and change them often, I wouldn't want to go so far as to say that anything had been "hacked" in this case, at least not on the evidence the original poster has presented. Fortunately, it is not difficult to check this possibility.

The bounce messages usually contain the headers of the offending (spam) message, and these will show the IP address of the mail server from which the message was received. Unless this server is related to the domain of the stolen address (the original poster implies not), I think it much more likely that the spammer simply forged the from-address (or return-path address), as they have done to me many, many times in the past. This forgery is very difficult (if even possible) with a "normal" mail program (Outlook, etc.) but very easy with the right bulk-mailing tools.

-- rick