Help, hijacked??

[glojo]

This week-end my In Box is being inundated with 'returned mail'

These are e-mails allegedly posted by me to incorrect addresses?? The posts are then returned back to me?

I have a freeserve address and can put anything before the @ thingie. All the e-mails that are being returned have random letters before this @. Things like qwde or 12werrq, quite clearly not my proper address.

I am concerned over what is happening because.. a) So far over the week-end and this morning I have had in excess of two hundred returns

b) How many mails have been sent and not returned, plus what do they say?

All the returned mails have attachments, but I am afraid to open them just in case they contain worms or other plant life.

I subscribe to a very good anti-virus company. I keep both my anti-virus and firewalll software both running and up todate, I also have Microsoft's Spybot continually running and I have a Broadband connection which both my children are also connected to. (They have the same protection)

Over the week-end I posted an e-mail to Freeserve to seek advice but have not had a response.

Any help or advise will be greatly appreciated.

Regards,
John

 

[gary350]

It looks like you address is being passed around but in case you have something lurking it might be wise to go to Tech Support Guy and put your problem to them (they are really good and free). You need to register then post your problem. See the link http://www.techguy.org/welcome.html
Its all done fairly quickly.

gary

 

[glojo]

It looks like you address is being passed around but in case you have something lurking it might be wise to go to Tech Support Guy and put your problem to them (they are really good and free). You need to register then post your problem. See the link http://www.techguy.org/welcome.html
Its all done fairly quickly.

gary

Thank you very much indeed.

Off to your link,

John

 

[MikeL]

Junk

John,

Most likely someone you know has an infected system, which "harvest" e-mails sends out a load of e-mails - randomly choosing a false "sent from" e-mail i.e. yours. Any responses are then automatically sent to to your e-mail. Annoying but not to serious as long as your security measures are in place - and usual precautions with unknown attachments etc.

I took Blueyonder to task a couple of months ago - if get a reply I'll pass it on.
Seems to have died down recently.


Mike

 

[glojo]

John,

Most likely someone you know has an infected system, which "harvest" e-mails sends out a load of e-mails - randomly choosing a false "sent from" e-mail i.e. yours. Any responses are then automatically sent to to your e-mail. Annoying but not to serious as long as your security measures are in place - and usual precautions with unknown attachments etc.

I took Blueyonder to task a couple of months ago - if get a reply I'll pass it on.
Seems to have died down recently.


Mike

Thanks Mike,
I am simply deleting them without even attempting to read the attachments.

John

 

[merc-c]

mailwasher

you could try mailwasher. http://www.firetrust.com/
you can delete any unwanted emails on the mail server.

 

[glojo]

you could try mailwasher. http://www.firetrust.com/
you can delete any unwanted emails on the mail server.

Hi Merc,
Thank you very much for the advice. Your link refers to Spam and unwanted mail. You could argue that what I have is 'unwanted'!! But it is allegedly my mail simply being returned to me.

Someone is using my domain name.

Example:

[email protected]

This is the correct e-mail address, but anything with @joe.freserve.co.uk will get through

eg [email protected] [email protected]

I am being bombarded with returned e-mails, all with attachments and all with random letters before the '@' sign.

The best advice so far is from the link that gary kindly supplied.

Someone with my e-mail address has probably got a virus and all the folks in their address book are suffering.

(My system is fully protected and up todate)

Thanks for the advice,
John

 

[Benzowner]

Just a thought, you will, I think, never send an e-mail to yourself, so why not block the sender for a time. After a few weeks, unblock and see if all has died down. You will need to block all e-mails ending with @joe.freeserve.co.uk

 

[glojo]

Just a thought, you will, I think, never send an e-mail to yourself, so why not block the sender for a time. After a few weeks, unblock and see if all has died down. You will need to block all e-mails ending with @joe.freeserve.co.uk

Hi Geoff,
Thank you very much ideed for the response.

The sender is always different. It looks like thousands of e-mails are being sent to random addresses and I am only getting back undeliverable posts. Each returned mail is different:

----- Transcript of session follows -----
... while talking to l1.redir.mx.voyager.net.:
>>> RCPT To:<[email protected]>
<<< 550 <[email protected]> not found
550 5.1.1 <[email protected]>... User unknown

----- Transcript of session follows -----
procmail: [10497] Tue Jun 7 09:00:01 2005
procmail: Assigning "LOGFILE=/tmp/procmaillogfile"
procmail: Opening "/tmp/procmaillogfile"
554 5.0.0 <[email protected]>... Service unavailable

These are just an example of the hundreds of returns that I am being plagued with.

I have no idea of how to stop someone from falsely\illegally using my domain name. I have contacted Freeserve and they merely say don't worry about it. This is a stupid response because if I did not have Broadband then my mailbox would be jammed.

I cannot block the @joe.freserve.co.uk because I would then not be able to receive my proper mail.

I am no expert but I thought that we all had a number e.g. 126.08.01 ???? but I am no expert and am probably wrong.

Thanks again,
John

 

[rees_A]

are the mails being routed back to you through the same administrator account? If they are you can block all mail 'from' that account or you can block administrator@*. The only time you will get a mail from admin is when a mail has failed or virus notification... All valid e-mails sent to you from non admin accounts will arrive so you will still get all your normal mail

 

[glojo]

are the mails being routed back to you through the same administrator account? If they are you can block all mail 'from' that account or you can block administrator@*. The only time you will get a mail from admin is when a mail has failed or virus notification... All valid e-mails sent to you from non admin accounts will arrive so you will still get all your normal mail

Hi Rees,
I am no expert on ths subject but the e-mails are being returned from all different types of 'mail delivery' or 'postmaster' type locations. Is that what you mean?

Keep the advice coming,
John

 

[rees_A]

If you create a rule to delete all emails from addresses that begin with failure*, postmaster* administrator*, that should get rid of most of them. Apply generic filters to the rest as they arrive. If you let me know which client you are using, I'll send info on how to set up if you don't know where to look.Hope this helps

 

[glojo]

If you create a rule to delete all emails from addresses that begin with failure*, postmaster* administrator*, that should get rid of most of them. Apply generic filters to the rest as they arrive. If you let me know which client you are using, I'll send info on how to set up if you don't know where to look.Hope this helps

Thanks very much indeed. I will pm you.
Regards,
John

 

[Madferrit]

Just another thought (i don't think its been covered) but can't you set up somewhere in your freeserve account to ONLY allow [email protected] and any other variation will be bounced back.

In my domain set up, i have allowed only a few rules to come thru.. ie, i have 4 email addresses for various bits of my business, and the rest gets bounced back (to where exactly i don't know, but it doesn't eat up my inbox quota).

Perhaps the rules that rees_A is talking about will do just this.. its all a bit confusing

 

[glojo]

Just another thought (i don't think its been covered) but can't you set up somewhere in your freeserve account to ONLY allow [email protected] and any other variation will be bounced back.

Good one, and I will try to figure out how to do just that.

Thank you very much,
John

 

[glojo]

Fingers crossed. The last half dozen e-mails were at 10-24 am and none since???

John

 

[glojo]

Rather than hog the other thread I thought it more prudent to submit the answer on this thread

John - why where you collecting e-mail from addresses you weren't interested in, rather than simply collecting from [email protected] (assumingI understand you right).

I certainly wasn't collecting the blooming things and simply could not stop them from coming.

I could go to my provider and read all the e-mails before they arrived in my in-box, but it still meant me having to delete messages not addressed to me and not wanted by me.

I think I understand your questiuon, but at freeserve there policy was they would deliver every post addressed to @joe.freeserve.co.uk.

They would not stop, or block any unregistered addresses like 123dadda or even [email protected] as far as freeserve were concerned the post was legitimate providing the last part was correct and they would not budge on this issue. With my new provider, I register as many names as I want, and only those names get delivered. A simple system that was certainly not beyond the expertise of any provider and hopefully this might help keep the post on topic?

Regards
John

 

[stevesey]

John - just found this thread. As I said in the other one (after I found this one - but it's a useful tip for others anyway), if you'd changed you settings to collect from [email protected] rather than the default joe.freeserve.co.uk you'd have left all the other mail on their server (which is what Madferrit way saying back in 2005 - did you try that?)

If you want multiple first parts - you can set up multiple accounts in Outlook express - one for each first part.

The randomly addressed mail still gets delivered on to your freeserve space on the server, just never downloaded to your PC. So every now and again you do need to clear it down - either via webmail or by another Outlook Account that isn't normally used as part of send/receive, but has a rule to dump everything it receives to the deleted items folder (although having said that I think freeserve do some auto deletion of mail that is very old and has never been downloaded - as I have set several friends up like this and never had and issue with their server space filling up).

Of course all academic now as you've moved.

 

[bolide]

You have two problems:

1 - your mail is setup to receive wildcard addresses that don't exist
2 - you are the victim of a Joe Job

You can reconfigure your setup to cure the former but there is nothing you can do about the latter

Nick Froome
www.pvision.co.uk

 

[stevesey]

You have two problems:

1 - your mail is setup to receive wildcard addresses that don't exist
2 - you are the victim of a Joe Job

You can reconfigure your setup to cure the former but there is nothing you can do about the latter

Nick Froome
www.pvision.co.uk

Although spam filters score spoofed addresses higher so are more likely to detect up joe job e-mails as spam (although they can't be too agressive as there are legit reasons for spoofing so if the mail scores OK in other areas it will get through).

N.B. John changed providers ages ago.