Jump to content

'Delivery Failure' notifications about emails that I have not sent


Recommended Posts

Hello at all.

I am receiving several notifications of 'Delivery Failure' from MAILER-DAEMON[at]c60.cesmail.net about email messages that I have not sent (in fact, the recipients are unknown for me).

They are like these:

The following message to <--edited--[at]twcny.rr.com> was undeliverable.

The reason for the problem:

5.1.0 - Unknown address error 550-'5.1.1 - Invalid mailbox: --edited--[at]twcny.rr.com'

The following message to <--edited--[at]mac.com> was undeliverable.

The reason for the problem:

5.1.0 - Unknown address error 550-'5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup...216.154.195.49: --edited--[at]mac.com'

The following message to <--edited--[at]aol.com> was undeliverable.

The reason for the problem:

5.1.0 - Unknown address error 550-'5.1.1 <--edited--[at]aol.com>: Recipient address rejected: aol.com'

Any hint about the cause of this issue?

Javier.-

Link to comment
Share on other sites

Hello at all.

I am receiving several notifications of 'Delivery Failure' from MAILER-DAEMON[at]c60.cesmail.net about email messages that I have not sent (in fact, the recipients are unknown for me).

They are like these:

Any hint about the cause of this issue?

Javier.-

216.154.195.49 is SpamCop email SMTP (send) server

Someones account has been compromised?

https://www.senderscore.org/lookup.php?look...p;ipLookup.y=10

this site updates every few hours

This figure should be 99 to drop like this indicates it's spewing spam and hitting spamtraps

as a precaution log into webmail and change your password also a spyware scan

Edited by petzl
Link to comment
Share on other sites

216.154.195.49 is SpamCop email SMTP (send) server

Someones account has been compromised?

https://www.senderscore.org/lookup.php?look...p;ipLookup.y=10

this site updates every few hours

This figure should be 99 to drop like this indicates it's spewing spam and hitting spamtraps

as a precaution log into webmail and change your password also a spyware scan

Hello, thank you for your reply.

I have changed the Spamcop webmail password and have run a full scan (no virus nor spyware detected, however).

Today I have received another fifteen or sixteen more of these notifications. As I have seen that other member have posted about this same issue I'm thinking that a sort or header spoofing is behind this.

Link to comment
Share on other sites

Hello, thank you for your reply.

I have changed the Spamcop webmail password and have run a full scan (no virus nor spyware detected, however).

Today I have received another fifteen or sixteen more of these notifications. As I have seen that other member have posted about this same issue I'm thinking that a sort or header spoofing is behind this.

Seems a "perfect storm"; SC email is catching up, or trying to, same time as it's spewing spam!

Might not be you. but better safe than sorry don't hurt to change passwords and scan. For windows spybot is preety good and free for home use

http://www.senderbase.org/senderbase_queri...=216.154.195.49

The volume (send change) is now down from over 2000% increase to 720% at present

A good freeware "Gadget" for windows desktop to monitor upload download speeds is here

http://addgadgets.com/network_meter/

Edited by petzl
Link to comment
Share on other sites

5.1.0 - Unknown address error 550-'5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup...216.154.195.49:

If you could send me a complete copy of that delivery failure notice, I would appreciate it very much.

Please use the PM feature of this forum.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

I'm getting the same problem. I have already changed my password, and am reasonably confident that the mail is *not* originating from me.

If you would like a copy of the mail, I'm more than happy to pass an example on.

Ken

Link to comment
Share on other sites

I'm getting the same problem. I have already changed my password, and am reasonably confident that the mail is *not* originating from me.

If you would like a copy of the mail, I'm more than happy to pass an example on.

Ken

Do it please (takes maybe 20 hours for Don to get it by the mail I'm now getting

Link to comment
Share on other sites

Hello, thank you for your reply.

I have changed the Spamcop webmail password and have run a full scan (no virus nor spyware detected, however).

Today I have received another fifteen or sixteen more of these notifications. As I have seen that other member have posted about this same issue I'm thinking that a sort or header spoofing is behind this.

Please write to me at support [at] cesmail.net and include a couple of copy/pastes of the complete bounce message including all headers and the text. TY

Link to comment
Share on other sites

5.1.0 - Unknown address error 550-'5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup...216.154.195.49:

If you could send me a complete copy of that delivery failure notice, I would appreciate it very much.

Please use the PM feature of this forum.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

Hello Don.

I have PM'ed you two of these emails. If you need some more, please let me know.

The delivery failure notices from Yahoo have more details, as they include part of the "original" message. I'm not an expert, but looking at them I would bet that an spammer have spoofed (or get a foot into) the SpamCop mail server.

Regards,

Javier.-

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...