Jump to content

I Am Being Spammed By Myself

mdscott

By mdscott
in Abuse Related

 Share

Recommended Posts

mdscott Rookie

mdscott

Posted
Posted

Over the past few days I have received well over a hundred messages from non-existing accounts in my domain [Help@scottsonline.org; Security@scottsonline.org; etc.] relating all sorts of fictitious security or access related issues and seeking verification by opening an attached .zip or .exe file.

 

Any easy way to seek the culprit -- which I assume is external to TCH.

 

Michael Scott

Link to comment
Share on other sites
TCH-Dick Grand Master

TCH-Dick

Posted
Posted

I wouldn't waste any time trying to figure out where it came from. Its usually sent from some poor saps PC that has no clue its being done.

 

However, in cPanel under Mail, look for Default Address and click it. Make sure it has :fail: set for your domain. This will cause all email without an account to be bounced/discarded.

Link to comment
Share on other sites
TCH-Thomas Grand Master

TCH-Thomas

Posted
Posted

What I think Dick means is that there are viruses etc that can fake the "from" field.

It can be that someone have you in their addressbook and if they are infected, this kind of things can happen without them knowing it.

 

I have had this problem many times, first time I received a mail from a claudia@my tch hosted domain.com. The problem was that I neither know a Claudia or have set up an address claudia@...com, so then we figured out someone had me in their addressbook and they were causing it without knowing.

 

As Dick said, don´t waste time with checking it out, but however, what you can do is to make sure to remind your friends to have clean computers. :)

 

and... Welcome to the forum. :)

Link to comment
Share on other sites
mdscott Rookie

mdscott

Posted
  • Author
Posted

Sigh, what I expected. For what its worth here are examples of headers:

 

Content-Type: multipart/mixed; boundary="----=_NextPart_000_0008_E72F51E2.75D460C4"

Date: Tue, 9 Aug 2005 18:00:59 -0700 [08/09/2005 09:00:59 PM EDT]

Delivery-date: Tue, 09 Aug 2005 20:59:51 -0400

Envelope-to: michael@*******.org

From: service@********.org

MIME-Version: 1.0

Received: from [71.111.168.17] (helo=*******.org) by server24.totalchoicehosting.com with esmtp (Exim 4.44) id 1E2ewf-0005CV-SR for michael@*********.org; Tue, 09 Aug 2005 20:59:51 -0400

Return-path: <service@*******.org>

======

 

Content-Type: multipart/mixed; boundary="----=_NextPart_000_0000_E084EF61.CDBC4406"

Date: Wed, 10 Aug 2005 04:22:22 -0700 [08/10/2005 07:22:22 AM EDT]

Delivery-date: Wed, 10 Aug 2005 07:21:06 -0400

Envelope-to: michael@*********.org

From: admin@********.org

MIME-Version: 1.0

Received: from [71.111.168.17] (helo=********.org) by server24.totalchoicehosting.com with esmtp (Exim 4.44) id 1E2ods-0007t2-Uf for michael@********.org; Wed, 10 Aug 2005 07:21:06 -0400

Return-path: <admin@*******.org>

======

 

 

mds

 

ps; Thanks for the welcomes -- my lack of participation is a testament as to how trouble free TCH is for the small casual user!!

 

Edit: TCH-Bruce I've removed your domain name so you don't get more spam!

Link to comment
Share on other sites
kayaker Apprentice

kayaker

Posted
Posted

The same thing just happened to my daughter. She received spam from her own email address to her email address! It was all about Microsoft and spamming issues. Very odd. I could have her give me the whole header, but from reading the replies to this topic I can see that it's not of much use. I just hope that other people aren't being flooded with emails "from" her and thinking she's sending them.

 

Karen

Link to comment
Share on other sites
TCH-Andy Grand Master

TCH-Andy

Posted
Posted

The "norm" with that spam is to set the "from" address and the "to" address the same. Hence your daughter will get it from herself - but if I were to receive it, it would say I had sent it.

 

So nobody else should get that spam "from" her.

 

The best thing is to just delete it - or set up a filter to block it.

Link to comment
Share on other sites
kahill Enthusiast

kahill

Posted
Posted
The same thing just happened to my daughter.  She received spam from her own email address to her email address!  It was all about Microsoft and spamming issues.  Very odd.  I could have her give me the whole header, but from reading the replies to this topic I can see that it's not of much use.  I just hope that other people aren't being flooded with emails "from" her and thinking she's sending them.

 

Karen

 

 

Well, I've been getting the same thing (From myself TO: myself in headers) and it is the same Microsoft spam.

 

The bad thing is - I've just been notified that my domain is showing up on SPAMCOP and I assume all of my CLIENTS are now blacklisted cause they are on the same server.......

 

This is an SOS issue!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...