shochat Posted January 31, 2004 Posted January 31, 2004 I have recently started to use my spamcop.net E-mail account more and am considering switching over to it completely. However, I received a troubling bounce today to a message ostensibly from me, which I had never sent. Furthermore, the bounce seems to imply that the message I supposedly sent contained a virus. The most confusing part is that when I study the source of the bounce, particularly the included source of the message being bounced, I see this: Received: from spamcop.net (localhost [127.0.0.1]) by mx3.interplay.com (8.12.10/8.12.9) with ESMTP id i0TN7W0K023161 for <maria[at]interplay.com>; Thu, 29 Jan 2004 15:07:32 -0800 Now what does that mean? Does it mean that I was being spoofed by someone inside interplay.com? The bounce message I received did seem to have come legitimately from mx3.interplay.com (the sending IP address matched mx3.interplay.com in DNS). Should I just ignore this? The idea of someone sending a virus-laden message supposedly from me is kind of troubling. -- David
Jeff G. Posted January 31, 2004 Posted January 31, 2004 Please post the bounce (without the payload) in spamcop.spam and refer to it here. Thanks!
shochat Posted January 31, 2004 Author Posted January 31, 2004 Done. Posted in spamcop.spam with subject "Bogus bounce" 9:57:15 PM EST. No actual payload in the bounce I received. It was supposedly cleaned.
jefft Posted January 31, 2004 Posted January 31, 2004 Should I just ignore this? The idea of someone sending a virus-laden message supposedly from me is kind of troubling. -- David It's very common. Most viruses forge the return address of someone else when they send themselves out. That's why most responsible ISP's no longer send virus notifications to the alleged virus senders. JT
Recommended Posts
Archived
This topic is now archived and is closed to further replies.