Jump to content

Bounced spoofed emails


petew1959

Recommended Posts

Hi,

I have just received hundreds of emails in my inbox that have been bounced back from non-existant addresses. I did not send the original email, and it appears (with my limited knowledge) that my email address has been spoofed. It appears to originate from an IP address in India that has had previous suspicious activity, but it is still active.

I tried submitting one of the messages for reporting, but that was going to send the report to the server it was bounced from, not the address it was originally sent from. I then tried posting just the header of the original email, but that said there was no address to send the report to.

How do I report this? Can I post one of the messages here for someone to look at?

Link to comment
Share on other sites

You can use SpamCop to report the delivery failure notices you're getting because the spammer is forging your email address.

You can NOT cut the spam out of the bounces and report it by itself. That is not your spam and you have no way to verify the accuracy or completeness of the headers.

Try to report several of the bounces. If SpamCop can't find a reporting address for any of them, EMAIL me the TRACKING URL from the top of the SpamCop parse page and I'll see if I can help.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

Link to comment
Share on other sites

...I tried submitting one of the messages for reporting, but that was going to send the report to the server it was bounced from, not the address it was originally sent from. I then tried posting just the header of the original email, but that said there was no address to send the report to. ...
Yes, the one offered, that's the one you need to report, as Don explains.

Why? They (the network responsible for the bounce) should know better than to return anything after they have dropped the connection to the server that sent it to them - which is the only source they can be certain about at that point.

Once upon a time bouncing to the alleged sender/reply address was correct procedure, those days are long gone since the "From:" or "Return-address:" (if stipulated) are easily forged, and probably are forged in the majority of e-mail messages ever sent these days (being spam, mercifully most of which the average person never sees). You can help lead those clueless mail administrators to the light by telling them they "did wrong".

Don't worry about the original spam. Enough of that will have gone through to valid addresses for others to have a shot at reporting it. Don't worry about your reputation - nobody with half a clue would imagine the spam really came from you if it didn't originate from a server in "your" network.

The above is just to spell it all out (and other readers might wonder about it too) - the message is, follow Don's advice.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...