Jump to content

Someone using my address: how to report?


rdillman

Recommended Posts

Every now and then I get an email from an ISP somewhere notifying me of an email that cannot be delivered (usually "adresee unknown"). But, these are not emails that I have sent - so someone is using my address as part of their spamming.

Is there a way to report this? Should I bother to try? (Apologies if these are simpleminded questions.)

Link to comment
Share on other sites

Be aware that the bounce may also be due to a virus picking up your address from a friend's (or spammer's!) address book and using it in the "from" field. As such, any attachment MAY contain a copy of the virus. This is especially if the message was bounced as it contained a .pif or .exe file or similar. (I have had at least 3 bounces of this type over the last 2 weeks).

If you know what you are doing, you may want to copy (carefully!) the message header of the original message and use a tool such as spamid.net to find the originating ISP. If it is an ISP unique to a single known contact, you may want to check with your friend if their PC is infected. Otherwise, I would not bother, unless you get multiple infected messages from the same IP address over a number of days.

Link to comment
Share on other sites

want to copy (carefully!) the message header of the original message and use a tool such as spamid.net to find the originating ISP

I'm kind of confused ... why would you be answering someone using SpamCop by suggesting that they use spamid.net, which appears to try to do the same type of parsing? (I tried it with a simple spam from a HotMail account, one that had like 30 To: lines, but only two Received lines (one forged) ... even after deleting all but one To:, all I could get was a 413 Item too big error ???)

Your note about "carefully copying the message header" gets right down to the meat of why Julian's not hot on trying to parse these things .. not to be too critical, but if a user knows how to see the headers and knows how to "carefully cut", I'm guessing that this user would also know how to track the source IP adress back already, thus not needing to paste the whole set of headers somewhere ...??? And the critical part of this is knowing which part of the headers are bounce, which are actual, and which are total crap ...

based on my failed attempt at getting it to parse a simple spam, I'm at a real loss as to how it would handle a bounced spam correctly .... much less why it would result in something different than SpamCop's parser ... unless it all hinges on that "careful copy" phrase ...???

The other items on that page offer different items with different levels of details, but the critical stuff is also handle in the SpamCop parser window, just put the "IP or name" on a single line and hit the button ...

Greenlady, I must be missing something .... or is the error message I was getting due to not registering? You sounded so positive about the site ...???

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...