|
|
Virus?
On Fri, 5 Dec 2008 13:34:22 -0500, Nightsky wrote:
I keep getting mail from a MAILER DAEMON that my message could not be delivered. The actual message displayed is in Spanish, and I never wrote or sent such a message. What can I do about this? You can run a full suite of products designed to detect malware; but, if the results are negative, you are probably the victim of forgery. Spammers like to use actual email addresses they are not authorized to use to fake a sender, as a way of fooling spam filters. They usually rotate the forged email address, and this will pass. Other than filtering the "MAILER-DAEMON" messages, and riding out the storm, you could either kill that account, or just not do anything at all. I've had a Yahoo! Mail account forged, and had spammers forge non-existent users to my domain. It is just the nature of their nefarious business. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum |
Virus?
Those can be one of 4 things:
1) Some spammer is sending the original messages and using your e-mail address as the sender. 2) Someone else has a PC infected with a virus and the virus is sending itself as the original message and using your e-mail address as the sender. 3) The message is the virus itself, pretending to be a returned mail. 4) Your PC is infected with a virus and it has been sending itself. And this is really a returned mail that your PC sent. In cases 1, 2, and 3 above, the messages are not coming from your PC and are not going through your e-mail account. There's nothing you can do to prevent anyone from sending an e-mail with your e-mail address as the From header, just as you can't prevent anyone from sending a postal mail and putting your name and address as the return address. At this point all you can do is filter out the messages. Your ISP may offer some filtering at the mail server. To make sure that case 4 above is not the cause, you should check your PC with an updated anti-virus program. From a quick look at the headers you supplied, it's most likely # 1. -- Mike - http://pages.prodigy.net/michael_santovec/techhelp.htm "Nightsky" wrote in message ... I keep getting mail from a MAILER DAEMON that my message could not be delivered. The actual message displayed is in Spanish, and I never wrote or sent such a message. What can I do about this? Here is the entire message and header: X-Apparently-To: via 68.142.201.112; Fri, 05 Dec 2008 06:59:35 -0800 X-Originating-IP: [200.42.0.146] Authentication-Results: mta122.sbc.mail.re3.yahoo.com from=postino12.prima.com.ar; domainkeys=neutral (no sig) Received: from 207.115.20.192 (EHLO flpi190.prodigy.net) (207.115.20.192) by mta122.sbc.mail.re3.yahoo.com with SMTP; Fri, 05 Dec 2008 06:59:33 -0800 X-Header-Overseas: Mail.from.Overseas.source.200.42.0.146 X-Originating-IP: [200.42.0.146] Received: from postino12.prima.com.ar (postino12.prima.com.ar [200.42.0.146]) by flpi190.prodigy.net (8.13.8 inb regex/8.13.8) with SMTP id mB5ExVnM018151 for ; Fri, 5 Dec 2008 06:59:32 -0800 Message-Id: Received: (qmail 3055 invoked for bounce); 5 Dec 2008 14:59:31 -0000 Date: 5 Dec 2008 14:59:31 -0000 From: To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="1228489171postino12.prima.com.ar1816855" Subject: failure notice --1228489171postino12.prima.com.ar1816855 (postino12.prima.com.ar) Su mensaje no pudo ser entregado - Sua mensagem nao pode ser enviada - Your message could not be delivered. : Esta casilla ha expirado por falta de uso. --- Mensaje original adjunto. --1228489171postino12.prima.com.ar1816855 Content-Type: message/rfc822 Return-Path: Received: (qmail 3032 invoked from network); 5 Dec 2008 14:59:31 -0000 Received: from unknown (HELO 200.42.0.146) (24.232.42.44) by postino12.prima.com.ar with SMTP; 5 Dec 2008 14:59:31 -0000 Received: from (HELO fl2o) [124.238.237.155] by 200.42.0.146 id v5snGt9dS628; Fri, 05 Dec 2008 10:54:32 -0400 Message-ID: j5t1-z9d81601ashd4ab@gsrn71xclg1x7 From: "" Reply-To: "" To: Subject: Compramos su casa, departamento, local, etc. Date: Fri, 05 Dec 2008 10:54:32 -0400 X-Mailer: eGroups Message Poster MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="D1EA_FD_._.0D_E7" X-Priority: 3 --D1EA_FD_._.0D_E7 Content-Type: text/plain; Content-Transfer-Encoding: quoted-printable Compro su propiedad, pago en efectivo Aproveche antes de que la crisis global se profundice para vender Compro locales, oficinas, departamentos, casas, etc. solo en capital feder= al y gran buenos aires, interior abstenerse. En cualquier estado Solo propiedades hasta US$100.000 Envienos en mail con el detalle de la propiedad que desea vender a argenti= incluyendo toda la informacion posible No responda este mail ya que no sera leido =20 --D1EA_FD_._.0D_E7-- --1228489171postino12.prima.com.ar1816855-- |
Virus?
Delete any such messages, unopened and unread.
Nightsky wrote: I keep getting mail from a MAILER DAEMON that my message could not be delivered. The actual message displayed is in Spanish, and I never wrote or sent such a message. What can I do about this? Here is the entire message and header: X-Apparently-To: via 68.142.201.112; Fri, 05 Dec 2008 06:59:35 -0800 X-Originating-IP: [200.42.0.146] Authentication-Results: mta122.sbc.mail.re3.yahoo.com from=postino12.prima.com.ar; domainkeys=neutral (no sig) Received: from 207.115.20.192 (EHLO flpi190.prodigy.net) (207.115.20.192) by mta122.sbc.mail.re3.yahoo.com with SMTP; Fri, 05 Dec 2008 06:59:33 -0800 X-Header-Overseas: Mail.from.Overseas.source.200.42.0.146 X-Originating-IP: [200.42.0.146] Received: from postino12.prima.com.ar (postino12.prima.com.ar [200.42.0.146]) by flpi190.prodigy.net (8.13.8 inb regex/8.13.8) with SMTP id mB5ExVnM018151 for ; Fri, 5 Dec 2008 06:59:32 -0800 Message-Id: Received: (qmail 3055 invoked for bounce); 5 Dec 2008 14:59:31 -0000 Date: 5 Dec 2008 14:59:31 -0000 From: To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="1228489171postino12.prima.com.ar1816855" Subject: failure notice --1228489171postino12.prima.com.ar1816855 (postino12.prima.com.ar) Su mensaje no pudo ser entregado - Sua mensagem nao pode ser enviada - Your message could not be delivered. : Esta casilla ha expirado por falta de uso. --- Mensaje original adjunto. --1228489171postino12.prima.com.ar1816855 Content-Type: message/rfc822 Return-Path: Received: (qmail 3032 invoked from network); 5 Dec 2008 14:59:31 -0000 Received: from unknown (HELO 200.42.0.146) (24.232.42.44) by postino12.prima.com.ar with SMTP; 5 Dec 2008 14:59:31 -0000 Received: from (HELO fl2o) [124.238.237.155] by 200.42.0.146 id v5snGt9dS628; Fri, 05 Dec 2008 10:54:32 -0400 Message-ID: j5t1-z9d81601ashd4ab@gsrn71xclg1x7 From: "" Reply-To: "" To: Subject: Compramos su casa, departamento, local, etc. Date: Fri, 05 Dec 2008 10:54:32 -0400 X-Mailer: eGroups Message Poster MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="D1EA_FD_._.0D_E7" X-Priority: 3 --D1EA_FD_._.0D_E7 Content-Type: text/plain; Content-Transfer-Encoding: quoted-printable Compro su propiedad, pago en efectivo Aproveche antes de que la crisis global se profundice para vender Compro locales, oficinas, departamentos, casas, etc. solo en capital feder= al y gran buenos aires, interior abstenerse. En cualquier estado Solo propiedades hasta US$100.000 Envienos en mail con el detalle de la propiedad que desea vender a argenti= incluyendo toda la informacion posible No responda este mail ya que no sera leido =20 --D1EA_FD_._.0D_E7-- --1228489171postino12.prima.com.ar1816855-- |
| All times are GMT +1. The time now is 06:38 AM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 2.4.0
Copyright ©2004-2006 OutlookBanter.com