
Keep receiving returned e-mails that I never sent

Status
Not open for further replies.

monkeymagic2222

Technical User
May 13, 2002
78
GB
When I check for e-mail using my dial-up ISP I keep receiving returned messages that I never sent out. They seem to be spam messages that were blocked by servers for various reasons. The weird thing is, when I look at the returned message my address is not the sending address or receiving address, yet my address is down as the return e-mail address. I know for sure that these messages are not being sent out by me and I haven't got a virus or anything like that sending out messages. The from address is different in each message so I also know it's not the same person sending e-mails with my address as the return.

Has anyone got any idea what's going on here?
 
Sounds like your ISP has a problem with their server. If they are using Exchange...it sure sounds like they are an Open Relay.
 
I think I have found the reason now, there's a headline on CNET News saying: (re: KLEZ Virus Will Not Die - 20th May 2002)

"In many cases, antivirus software protecting a company's e-mail gateways is sending out a response to each infected e-mail inadvertently sent out by a victim -- but that warning is going to the wrong person"

This sounds about right as the return e-mails tend to claim that a virus was sent even though the message was nothing to do with me.
 
We have exactly the same problem. It's not a virus - it's someone bulk-mailing SPAM and using your e-mail address. That way, all the "undeliverable" messages do not bounce back to them - you have to deal with it all! Bulk e-mailers can now easily fake the "return to" or "return path" on the header information. I visited this site to see if anyone could help me figure out how to stop these irritating "returned" mails that I never sent in the first place. I've looked at the header information, but the e-mails have been relayed through so many channels that it's been impossible for me to trace the original e-mail back from its source. Can anybody help us with this problem?
 
This is definitely the Klez virus. We have experienced this problem within our organisation. It does not mean that you're infected, rather that someone with your name in their contact list is, as Klez will then send mails from their account picking someone randomly from their contact list to forge as the from header. Then when the mails are not delivered the failures go back to you. Hope this helps.
 
I can't speak for monkeymagic2222, but ours is definitely not the Klez virus. We dealt with this worm at my place of employment also, and the characteristics are much different. I also received 3 e-mails at home infected with the Klez virus and could easily see in the header information where they actually came from. Plus, they all had attachments. The returned e-mails that I'm receiving now do not have any attachments, they are spam mail about "home loans" and contain our e-mail address in the "return path", but with the name of "Kristin" as the sender. They have been rejected from colleges, businesses, etc. with junk mail filtering programs such as Mailwasher and Whitemail. I did finally find the original sender's address buried in the header info., and the e-mails are originating in Korea. Because of the language barrier, I'm not sure how to correspond with the Postmaster at that ISP - I guess I'll try to send an e-mail in English, asking them to check out the situation and see if they can help put a stop to it. I've also copied & pasted the offending e-mail & sent it to my own ISP, but I haven't heard back from them - so it's doubtful that they are willing to help. Here's a site that will help you decipher the header information & find the address of the spammer:


 
A few weeks before I posted on here I e-mailed my ISP about the problem. Only yesterday did I get a reply...They basically told me they had sorted the problem but didn't give me any indication what caused it, whether it was them or the Klez virus.

The e-mails that I did receive were from a number of addresses (although I hadn't checked the header to see if they originated in the same place). Some were bouncing back due to virus-infected attachments and some were being sent back due to a non-recognised e-mail address.

Still seems to be ok at the moment (fingers crossed!)
 
I hope none of you are with BTInternet because they deny any knowledge of this problem and do not acknowledge their part in it.

Their advice is to set up a blocking rule for each received email, but it could be different each time and you will be building a huge list, and potentially blocking friends that don't know that you are receiving email from them.

Can anyone help with a problem we are receiving with a home computer? I installed a firewall to filter out stuff such as a potential KLEZ virus, but once it was running I could dial up to my ISP but couldn't go anywhere.

So I uninstalled it, but still had no access anywhere. I tried pinging lots of people by name and IP but by name was unrecognisable and by IP address came back error code 10050.

I have completely removed cookies, history, restored all defaults but still no joy (on BTInternet's advice).

The ISP is as helpful as a chocolate dart board.

IP assignment is via DHCP, Release/Renew doesn't seem to respond which is odd.
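
The header tracing described in the posts above, as an added example that is not code from any poster: Python's standard `email` module pulls the embedded original out of a bounce and lists its `Received` hops next to the forged return path. The sample bounce, its host names, addresses and IPs are constructed (reserved documentation values), and `trace` is a hypothetical helper name.

```python
import email
import re
from email import policy

# Constructed sample bounce; every address and IP is a reserved documentation value.
BOUNCE = """\
From: MAILER-DAEMON@mx.college.example
To: victim@isp.example
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; boundary="b1"

--b1
Content-Type: text/plain

Rejected by junk mail filter.
--b1
Content-Type: message/rfc822

Return-Path: <victim@isp.example>
Received: from relay.bulk.example (relay.bulk.example [198.51.100.7])
\tby mx.college.example with SMTP; Mon, 20 May 2002 10:00:02 +0000
Received: from pc (unknown [203.0.113.45])
\tby relay.bulk.example with SMTP; Mon, 20 May 2002 10:00:00 +0000
From: "Kristin" <kristin@loans.example>
To: student@college.example
Subject: Home loans

Low rates!
--b1--
"""

HOP = re.compile(r"from\s+(\S+).*?\[(\d{1,3}(?:\.\d{1,3}){3})\].*?by\s+(\S+)", re.S)

def trace(bounce_text):
    """Return the forged return path and relay chain of the bounced original."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    parts = [p for p in msg.walk() if p.get_content_type() == "message/rfc822"]
    if not parts:
        return None  # bounce did not embed the original message
    orig = parts[0].get_payload(0)
    hops = [m.groups() for m in map(HOP.search, map(str, orig.get_all("Received", []))) if m]
    return {
        "return_path": str(orig.get("Return-Path", "")).strip("<> "),
        "hops": hops,  # newest first: (claimed name, connecting IP, recording server)
        # Only the hop written by the server that bounced the mail is trustworthy;
        # lower Received lines are supplied by the sender and can be forged.
        "handed_over_by": hops[0][1] if hops else None,
        "claimed_origin": hops[-1][1] if hops else None,
    }
```

`handed_over_by` is the address worth reporting to the relay's abuse contact; `claimed_origin` is only a lead, since the sender controls that line.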
 