Mystery 'bounced' message; am I a bot?

Let'sgoflying!

Let'sgoflying!

Touchdown! Greaser!
Joined
Feb 23, 2005
Messages
20,322
Location
west Texas
Display Name
Display name:
Dave Taylor
Received the bounced message below and I did not send such a message so I have to wonder if my puter is sending these out without my knowledge.
How to test this theory?
I have no knowledge of precision abrasives. Odessa is a nearby city which routes our internet connections I believe.
A large part of the message was a pic of an online pharmaceutical company's ad, it did not copy here.


++++++++++++++++++++++++++++++++++
This is the mail system at host wifi-router.tm.odessa.ua
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<precisionabrasiv@tm.odessa.ua>: host 195.66.204.50[195.66.204.50] said: 571
sorry, you are violating our security policies (#5.7.1 - chkuser) (in reply
to RCPT TO command)
Reporting-MTA: dns; wifi-router.tm.odessa.ua
X-Postfix-Queue-ID: 1C1D3D5D182
X-Postfix-Sender: rfc822; wtxvets@
Arrival-Date: Sat, 14 Jun 2008 14:27:46 +0300 (EEST)
Final-Recipient: rfc822; precisionabrasiv@tm.odessa.ua
Original-Recipient: rfc822;precisionabrasiv@tm.odessa.ua
Action: failed
Status: 5.0.0
Remote-MTA: dns; 195.66.204.50
Diagnostic-Code: smtp; 571 sorry, you are violating our security policies
(#5.7.1 - chkuser)
Subject:
Dear precisionabrasiv@tm.odessa.ua June 80% 0FF
From:
VIAGRA ® Official Site <precisionabrasiv@tm.odessa.ua>
Date:
Sat, 14 Jun 2008 14:27:46 +0300 (EEST)
To:
<precisionabrasiv@tm.odessa.ua>
Click Here!
©2007 Microsoft | Unsubscribe | More Newsletters | Privacy
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052
 
Last edited:
Dave:

Your email address was spoofed as a return addy; in addition, by posting the msg here with your email address unchanged, you are setting yourself up to have the address harvested by bots for MUCH more spam.

I'd edit and remove.
 
Thanks Spike.
I might figure out what that means.
Just to be safe(r) I have altered my email address.
Although I think my eaddress is readily available to many other sources including my personal profile on a lot of these boards.

Was the answer yes, my puter is sending stuff to people?

signed;
techo-slowpoke
 
"spoofed as a return addy"

I think this means -ah- I can't figure it out, you'll have to spoonfeed me!
 
Dave, it's probably not on your computer. Someone who has captured your address is pretending to be you.
 
Sorry.

"Spoofed" means that, in the broadcast emails (advertising porn or viagra or whatever), the return email address showing is falsely shown to be yours, so the person receiving it might think you are the one who sent it.
 
thanks for dumbing it down, I think I get it now.
I suppose I need to be more careful w my eaddress...but that is difficult - I need to have it available to certain groups.
 
The "real world" equivalent is some guy sending obscene letters through the USPS but printing your home address as the return address. Same concept, less paper.

If you look through the header you can track the originating IP (rarely spoofed) and determine country and city of origin plus the ISP of the user if your really care.
 
Pi1otguy said:
If you look through the header you can track the originating IP (rarely spoofed) and determine country and city of origin plus the ISP of the user if your really care.
Click to expand...

and most of the time--it wasn't that user that sent it. They either had their server setup as an open-relay or a hacker installed some sort of bot.
 
Let'sgoflying! said:
that's a form I immediately understand, thanks Pi1.
Click to expand...
Thanks.
BTW, to answer the next question you probably have ("What can I do to stop it?" or "How can I prevent it?"), there is virtually nothing you the user can do. Just accept that as your email address ages you'll see I've noticed that a few ISP's (Pacbell for one) have started requiring that the from address matches the account used unless you otherwise prove ownership of the "from" address.
 
Dave,

if you only got a few, you're lucky.

Some slimeball did that with my email - causing upwards of 1000 those replies per occurance. Over a two week period, I probably got hit with 4500+ replies. I set up a server-side filter that took out most of 'em.

Spammers can go to ****.
 
Pi1otguy said:
The "real world" equivalent is some guy sending obscene letters through the USPS but printing your home address as the return address. Same concept, less paper.
Click to expand...
And the "harvesting bots" analogy would be that this crazy obscene-letter guy has a legion of monkeys in his basement trained to copy down mailing addresses from phone books and write them on the envelopes for his letters, 24/7... :D

Reminds me how the first time I got into a bid war on eBay, I started to get the feeling I was bidding against a program; the counter-bids were practically popping up before i could hit "enter".

Turns out I probably was...http://www.ezsniper.com/

But I beat it anyway!! :D
 
I just got on the order of 1000 of those bounce messages. Looking at the time stamp, the bounces all hit my server within a period of slightly over 2 minutes - 500 a minute. Assuming that the bounces only consisted of 10% of the total sent, one can assume that over 10,000 spam messages were sent out in my name.

Spammers can go to ****.
 
You must log in or register to reply here.
Back
Top