Alright! Now this is really beginning to bug me. Email issue.

Discussion in 'After Hours Lounge (Off Topic)' started by Wade, Jun 17, 2004.

  1. Wade

    Wade Stunt Coordinator

    Joined:
    Jun 30, 1997
    Messages:
    147
    Likes Received:
    0
    About a week or so ago I started to get these emails that appeared to be delivery failure notices, but the thing is I've never sent any emails to the recipients. The subject of these emails is always "Delivery Failure: User XXXXXX ([email protected]) not listed in public name and address book". There is always a different name where the XXXXXX's are and the email is from [email protected]. Sometimes I only get one or two, other times twenty to thirty.

    The body of this email is:

    Your message

    Subject: Wir haben die Auslaender doch geholt?! 'Id:1670'

    was not delivered to:

    [email protected]

    because:

    User XXXXXX ([email protected]) not listed in public Name & Address Book

    I translated the subject that was in the body of the this email and I got this: "We got the foreigners nevertheless". That's just freakin' lovely. Not!

    I just now started to get this email:

    From: [email protected]
    To: Me of course
    Subject: Returned mail: delivery problems encountered
    Body:

    A message (from ) was received at 17 Jun 2004 14:23:21 +0000.

    The following addresses had delivery problems:

    [email protected]
    Permanent Failure: 522_mailbox_full;_sz=10485704/10485760_ct=1751/10000
    Delivery last attempted at Thu, 17 Jun 2004 14:23:22 -0000

    I've never sent anything to [email protected]. Don't even know what, who or where the hell that is.

    I've gotten another set of emails bounced back from another domain but I deleted these without thinking about it.

    Also, all emails have a .dat file and what appears to be a text file of some sort.

    What can I do here? Is somebody somehow using my email address. The first one is kind of strange.

    Thanks,
    Wade
     
  2. CalvinCarr

    CalvinCarr Supporting Actor

    Joined:
    Dec 4, 2003
    Messages:
    512
    Likes Received:
    0
    Something has gotten to your e-mail account. They send out bulk messages without you knowing and some of the addresses are non working so you get a failure reciept. They don't even appear in your outbox or sent folder either do they.
     
  3. Wade

    Wade Stunt Coordinator

    Joined:
    Jun 30, 1997
    Messages:
    147
    Likes Received:
    0

    Nope. I am assuming that's because I never sent them.

    Wade
     
  4. CalvinCarr

    CalvinCarr Supporting Actor

    Joined:
    Dec 4, 2003
    Messages:
    512
    Likes Received:
    0
    No you didn't send them but a bug did...[​IMG] Nasty little things get in there, send and leave no trail.
     
  5. D. Scott MacDonald

    D. Scott MacDonald Supporting Actor

    Joined:
    Oct 10, 1999
    Messages:
    545
    Likes Received:
    0
    I had this happen to me, but with a couple of differences.

    1. The name of the sender (supposedely me) was not my name, but the return email address was mine. This verified that whoever sent these had nothing to do with me or my machine (i.e. not a bug that was alluded to above), and was simply patching the return address with my email address.

    2. The email contained a virus, so I got lots of nasty messages from lots of people, accusing me of doing very bad things and containing several threats.

    Oh well, nothing I could do about it and it appeared to be a one-time occurrence.
     
  6. Johnny_M

    Johnny_M Second Unit

    Joined:
    Apr 6, 2004
    Messages:
    281
    Likes Received:
    0
    What can also happen is this, when someone sets up an email account they can specify a different return email address. Because they are spamming they make up and address. Is your email a fairly common simple email address? They may have just randomly chose that. Then they send out all their spam msgs to many email address, many of which are no good emails, then then the server rejects those emails and instead of returning them to the sender they get forwarded to the secondary email address, which turns out to be yours.

    Johnny
     
  7. Wade

    Wade Stunt Coordinator

    Joined:
    Jun 30, 1997
    Messages:
    147
    Likes Received:
    0
    I suppose it's a fairly simple address. I really don't want to change it but I will if I have to. It's my junk email address I use for the net and newsgroups, which I just started posting to this week, so it didn't come from there.

    I just changed that email password, ran Norton and Stinger. Nothing! I don't have a software firewall but I am running a Firewall router. I just hope it's setup correctly.

    I don't think this is coming from my machine. It's most likely the scenario Johnny just posted.

    Thanks,
    Wade
     
  8. Leila Dougan

    Leila Dougan Screenwriter

    Joined:
    Mar 27, 2002
    Messages:
    1,352
    Likes Received:
    0
    In all probability, your email address is in a few people's addressbooks on their PCs. One of those people got a virus/worm that harvests email addresses and yours was included. It then started sending itself out to everyone else, using your address as the spoofed "from". Or, the harvested addresses went to spammer. In any case, the from field was spoofed so all failure notices go to you.

    Basicaly, you're not infected and there's not much you can do but try to filter the messages out the best you can.
     
  9. Glenn Overholt

    Glenn Overholt Producer

    Joined:
    Mar 24, 1999
    Messages:
    4,203
    Likes Received:
    0
    IMO, doesn't matter what your address is. The bulk email jerks run a program that creates likely addressess and sends them out as a test. If they come back they are deleated, but now they have yours.

    They will use it as an origin point or as a relay point to send out more crap. You didn't do anything wrong, and no one has 'borrowed' your PC, in the real sense.

    I wish someone would find out these origin points so that we could send this crap back to them - so much of it that their ISP shuts them down.

    Glenn
     
  10. DaveDickey

    DaveDickey Stunt Coordinator

    Joined:
    Aug 18, 2003
    Messages:
    235
    Likes Received:
    0
    I had a similar problem. I just changed my E-mail address and that worked like a charm. I've read that using numbers and letters in combination is more effective at filtering spam than letters alone. I don't know if that's true or not.
     
  11. Jason_Els

    Jason_Els Screenwriter

    Joined:
    Feb 22, 2001
    Messages:
    1,096
    Likes Received:
    0
    From Symantec's Security Response website:


    This means you aren't necessarily infected but a computer with your email address in it is. Just update your virus definitions manually and run a full system scan. You should be ok.
     
  12. Kirk Gunn

    Kirk Gunn Screenwriter

    Joined:
    Aug 16, 1999
    Messages:
    1,609
    Likes Received:
    0
    Using a simple program called Outlook Express you can send e-mail "from" anyone. George W, Elvis, whomever....

    Spammers have a field day with this functionality because it makes their viagra/financing/porn/virus/whatever appear like it's coming from a legitimate address so the recipient is more likely to open, read and make a purchase.

    If the recipient is not valid, YOU are the one that gets the Non-Deliverable report as you noted above.

    Internet mail is based on a standard called SMTP, which stands for Simple Mail Transport Protocol. The emphasis is on "SIMPLE", meaning simple to f-ck with people's minds via e-mail.... and create havoc with corporate jerks that demand to use internet e-mail as a business-critical application without accepting the risks (ok - sorry, went into a work rant)
     
  13. brentl

    brentl Cinematographer

    Joined:
    May 7, 1999
    Messages:
    2,921
    Likes Received:
    1
    I ONLY use Yahoo mail so they can't get addresses from the book.

    I've gotten about 40 "undeliverable'" or "failed" messages and I don't have a virus.

    Brent
     
  14. Joseph DeMartino

    Joseph DeMartino Lead Actor

    Joined:
    Jun 30, 1997
    Messages:
    8,311
    Likes Received:
    13
    Location:
    Florida
    Real Name:
    Joseph DeMartino


    You misunderstood. Nobody is getting your e-mail addres from your address book. Your e-mail address is in the address book of someone who has been hit with a trojan/virus/whatever. That little beast sends out e-mails to people in the infected user's address book and uses a fake from address stolen from that same address book. If yours is the stolen address all the e-mails appear to come "from" you. Those that go to out of date addresses or which get intercepted by firewalls or corporate anti-virus software generate delivery failure or virus warning messages to the "from" address - which is yours, even though you never sent any of the mail.

    Using Yahoo, or Hotmail or a particular e-mail program/anti-virus program/firewall/spam filter cannot protect you from this sort of thing because nothing is happening on your computer or to your e-mail acccount. You are feeling the effects of somebody else's problem. The only way to eliminate the problem is never to give anyone your e-mail adddress - which means either never using e-mail or making everyone you send it to promise that they won't save your name to their address book. And then hope that each and every one of them does so.

    Regards,

    Joe
     
  15. Yee-Ming

    Yee-Ming Producer

    Joined:
    Apr 4, 2002
    Messages:
    4,358
    Likes Received:
    10
    Location:
    "on a little street in Singapore"
    Real Name:
    Yee Ming Lim
    Annoying, innit? Happened to me, and to make matters worse, my email address wound up on some blacklist, so some work-related email couldn't get through to one of the recipients, since his office had better security (I guess) than most and they filtered email from "blacklisted addresses".

    Fortunately, it wasn't critical and also his colleagues in a different office (in a different country) received it so everyone was still kept in the loop.
     
  16. Michael Pineo

    Michael Pineo Stunt Coordinator

    Joined:
    Sep 17, 1998
    Messages:
    138
    Likes Received:
    0
    I believe Leila and Joseph are right. Worms like that are extremely common now. We are constantly getting calls on the helpdesk now from people getting delivery failures for messages they never sent. Someone who has them in an address book has been infected and is sending out emails with a spoofed email address. I think the last big one was Zafi.b. Lovgate was another one.

    Also, most of them have their own built in SMTP engine, so I don't think you would see outgoing mails in your sent items even if you were infected.

    Unfortunately, there really isn't anything you can do except delete the delivery failures that you receive.

    MikeP
     
  17. Wade

    Wade Stunt Coordinator

    Joined:
    Jun 30, 1997
    Messages:
    147
    Likes Received:
    0
    I believe I've narrowed down who has the infected machines. I recently inquired about new pinball machines prices from a couple of distributers. This make sense considering the first emails I received were bounced back from Namco UK. Now I am getting delivery failure notices from [email protected]. From what I have been able to gather this was once the Signature Sales & Service domain. Apparently this is another coin-op business.

    Wade
     
  18. D. Scott MacDonald

    D. Scott MacDonald Supporting Actor

    Joined:
    Oct 10, 1999
    Messages:
    545
    Likes Received:
    0

    While this may be the case in many cases, this was definitely not the case with me. In my case, the return address listed the name "Susan MacDougall" rather than "Scott MacDoanld", but the email address was mine. If the information was mined from somebodies address book, it would have gotten my name right. In my case, it was simply somebody spoofing the return address in a mass mailing, and there's not much that you can do about that (and it's pretty easy to do as Kirk Gunn pointed out).
     
  19. Dick

    Dick Producer
    Supporter

    Joined:
    May 22, 1999
    Messages:
    5,774
    Likes Received:
    1,800
    Real Name:
    Rick
    I think some of this stuff is spam, too. I've many times received an email from [email protected] or some such shit with a header indicating "Permanent Failure," "Returned Message," etc. I do not even open these.
     

Share This Page