My email address was hijacked...?!

[dearjohn]

I've been getting returned mail notices for mail that I did not send. I contacted my ISP and they claim that it must be a virus or adware in my computer that is doing it. I use SPYBOT and ADAWARE and Norton AV. They recommended a complete reformatting of my hard drive. I dont think so.... Anyway, where do I go from here? Any advice / solutions / sympathies, etc. etc?

There is more than one address effected, all through my ISP. I have a website and I haven't had any problems with the addresses on that server.

Here is a sample - my email address on this is jblap@wideopenwest.com -

-------------------------------------

The original message was received at Fri, 4 Feb 2005 22:21:16 -0500 (EST)
from d149-67-153-135.col.wideopenwest.com [67.149.135.153]

----- The following addresses had permanent fatal errors -----
<plancho@columbus.rr.com>
(reason: 550 5.1.1 unknown or illegal alias: plancho@columbus.rr.com)

----- Transcript of session follows -----
... while talking to ms-mta-02-fn.columbus.rr.com.:

>>>>>> DATA

<<< 550 5.1.1 unknown or illegal alias: plancho@columbus.rr.com
550 5.1.1 <plancho@columbus.rr.com>... User unknown
<<< 554 5.5.0 No recipients have been specified.



Reporting-MTA: dns; txmx04.mgw.rr.com
Received-From-MTA: DNS; d149-67-153-135.col.wideopenwest.com
Arrival-Date: Fri, 4 Feb 2005 22:21:16 -0500 (EST)

Final-Recipient: RFC822; plancho@columbus.rr.com
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-02-fn.columbus.rr.com
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: plancho@columbus.rr.com
Last-Attempt-Date: Fri, 4 Feb 2005 22:21:26 -0500 (EST)



Received: from columbus.rr.com (d149-67-153-135.col.wideopenwest.com [67.149.135.153])
by txmx04.mgw.rr.com (8.12.10/8.12.8) with ESMTP id j153LFT0026980
for <plancho@columbus.rr.com>; Fri, 4 Feb 2005 22:21:16 -0500 (EST)
Message-Id: <200502050321.j153LFT0026980@txmx04.mgw.rr.com>
From: jblap@wideopenwest.com
To: plancho@columbus.rr.com
Subject: Re: Error in document
Date: Fri, 4 Feb 2005 19:49:33 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
X-Priority: 3
X-MSMail-Priority: Normal
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Virus-Scan-Result: Repaired 36326 W32.Netsky.P@mm

 

[eyec]

Message-Id: <200502050321.j153LFT0026980@txmx04.mgw.rr.com>

give the message id line to your mail server isp and have them check it out.

X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Virus-Scan-Result: Repaired 36326 W32.Netsky.P@mm

someone is using your email address to send a virus. this is typical of how a virus spreads; a robot picks up your email addres from the internet and broadcasts it to other email addresses.

 

[Marcs41]

Dear John, ;-)

One of the main reasons your address(es) get picked up by those 'bad guys' is that you post it in public, like your webserver and here.
If you post in here, use a dummy example like dearjohn@mydomain.com

As for the spoofing of your address, there really is only one thing you can do about it, change addresses, sadly enough.

Marc
[sub]If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC![/sub]
Have a look at the shop @

http://www.cafepress.com/tektips

!