Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Emails being sent with url I own

Status
Not open for further replies.

JeffreyToo

Technical User
Mar 11, 2004
14
US
Hi,
I am noticing an increase of emails being sent by an url that I own but which is not set up for email nor is being used for email at this point. I am noticing this because I am receiving a number of 'out of office' autoresponses or 'address not known' emails in my inbox (to which this email url is directed since I used to use this url for email some time ago). Apparently, there is much email being generated/sent from this url since I recently received a phone call message from someone in FL (I am in NY) who has said that he is receiving alot of spam email from this url (probably getting my number since this url is forwarded to another working url that I have).

Any ideas??

Jeffrey
 
The email origin is being 'spoofed' - my guess is, based on you hearing from someone you know and you are both presumably in the others' address books, that someone you know has had their computer compromised.

But maybe I'm reading it wrong.

 
Actually, I don't even know the person. He said on the message that he is receiving emails from the url that mentino viagra, etc.

My inclination would be that there is a virus or spyware at work. A lot of times, I understand, when you receive email that looks like it is sent to you, it is actually spoofed by a virus from an email address on your system if your computer is infected. In this case, I'm sure my url is not on this person's computer, since I don't even know them. Also, my computer, as far as I know, is virus and spyware free due to regular Norton AntiVirus use.

Jeffrey
 
JeffreyToo:
The emails do not necessarily have to be sent from your system or a system on your network.

You must keep in mind that the headers on an email message are all completely arbitrary. A person in Timbuktu can, if he knows your email address or your domain name, spoof emails, sent from his server in Timbuktu, so that they look like they came from you.

And regrettably, there's not much of anything you can do about it.



Want the best answers? Ask the best questions! TANSTAAFL!
 
If I look at the full header, though, I should be able to get a IP address from which the email is originating, shouldn't I?

I was first concerned whether it was being sent from my system, computer, etc. But when it was found to be clean, then, thought it was spoofed emails using the url.

Thanks,
Jeffrey
 
If I look at the full header, though, I should be able to get a IP address from which the email is originating, shouldn't I?
Not necessarily. All SMTP headers, including routing headers, can be forged. The only routing-hop headers you can definitely trust are the ones that show a hop where the message was sent by or was received by your mail server. Any of the others can be hooey.



Want the best answers? Ask the best questions! TANSTAAFL!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top