tag:blogger.com,1999:blog-7575061201749703300.post2939465425715517339..comments2024-02-28T20:56:23.768-06:00Comments on Sipsey Street Irregulars: Why am I getting bounce-backs on emails I never sent?Dutchman6http://www.blogger.com/profile/09935420042995679958noreply@blogger.comBlogger22125tag:blogger.com,1999:blog-7575061201749703300.post-1128438043364921622010-05-24T06:56:04.381-05:002010-05-24T06:56:04.381-05:00The previous posts have it in the bag, either some...The previous posts have it in the bag, either someone is deliberately attemtping to spoof you or an infection has aquired their address book.<br /><br />Avast5 is a really good virus scanner with a bootime feature that is quite effective. Additionally, to keep safe from other types of malware, consider installing and running MalwareBytes (from Malwarebytes.org) for a very effective malware scan.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-77077393438347941382010-05-24T02:47:20.279-05:002010-05-24T02:47:20.279-05:00http://en.wikipedia.org/wiki/Backscatter_%28e-mail...http://en.wikipedia.org/wiki/Backscatter_%28e-mail%29<br /><br />-S<br />IIIAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-66911018336469580642010-05-24T00:46:23.927-05:002010-05-24T00:46:23.927-05:00One other thing.....
My e-mail /ISP has an online...One other thing.....<br /><br />My e-mail /ISP has an online sign-on option. I can use my web browser to "login" to my mail and view the subjects and senders without actually having to download them. I can delete anything I don't want without having to open them.... then I pull them down. If you have that option, it can save heartache. Does create a couple extra steps, but it's been worth it for me. I haven't had anything like that since instituting this policy.III more than themnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-90147508534889939612010-05-24T00:40:24.373-05:002010-05-24T00:40:24.373-05:00http://housecall.trendmicro.com/
Trend Micro's...http://housecall.trendmicro.com/<br />Trend Micro's Online Housecall. Free.<br /><br />Entering "szgmyxgs@163.com" into a Firefox browser elicits a message that you are trying to log into a server that does NOT require authorization, and says that it "may be an attempt to trick you." <br /><br />Entering 163.com into the Whois search feature returns this, "The IP address from which you have visited the Network Solutions Registrar WHOIS database is contained within a list of IP addresses that may have failed<br />to abide by Network Solutions' WHOIS policy."<br /><br />You might have an e-mail redirector on your box, or a worm.<br /><br />I'd run the Trend Micro tool.<br />Also, "Ad Aware" http://www.lavasoft.com/single/trialpay.phpIII more than themnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-7315667990523994662010-05-24T00:18:28.402-05:002010-05-24T00:18:28.402-05:00There's an IP address in the header informatio...There's an IP address in the header information.<br /><br />Google "IP trace" whenever you see and input that address as follows:<br /><br />http://www.ip-adress.com/ip_tracer/64.12.206.39<br /><br />That's in Wichita.<br /><br />You can also google "traceroute" and do the same to see the "hops", and trace the IP at each location along the route. When it hits Timeout, the last IP is the end of the trace.<br /><br />What does all this do for you? Nothing really, except reduce the feeling of total helplessness a little.<br /><br />The China IP is:<br /><br />220.181.8.90<br /><br />Good luck.Pwaihttps://www.blogger.com/profile/00858303838973634959noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-67172650442147014092010-05-23T22:34:02.444-05:002010-05-23T22:34:02.444-05:0020 years in IT - I know of which I speak.
Scott J...20 years in IT - I know of which I speak.<br /><br />Scott J nailed it.<br /><br />Somewhere out there, someone (or someTHING) is sending mail (probably a worm mailing copies of itself) claiming to be from you.<br /><br />Don't feel bad - it's also sending mail claiming to be FROM every other person in the victim's address-book.<br /><br />Since the receiving system doesn't know who the real sender is, it sends the response to YOU.<br /><br />These worms SUCK - especially because it makes it impossible to know who is infected.<br /><br />What can YOU do?<br /><br />Nothing.<br /><br />Well, on second thought the one thing you CAN do is be prepared to explain when people start complaining about mail "you" are sending...<br /><br />Otherwise, ignore it.<br /><br />DDDedicated_Dadhttps://www.blogger.com/profile/06375339835638311982noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-15266286479754964812010-05-23T21:46:34.990-05:002010-05-23T21:46:34.990-05:00I used to get hundreds of these a day - I have one...I used to get hundreds of these a day - I have one particular email address that is 14 years old. You may notice that the email that was supposedly from you was sent by a program you do not use. This is a sure sign that somebody else's addressbook was hacked.<br />I ended up changing my ISP for that address. I still get those spam-bounces, but they stay at the new ISP's spam dumpster and out of my inbox.<br />Your current ISP may be able to help you with this.J4rh34dhttps://www.blogger.com/profile/14759694044252710582noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-26333627091136203792010-05-23T19:41:57.650-05:002010-05-23T19:41:57.650-05:00It could be one of a few things. First thing that...It could be one of a few things. First thing that comes to mind is "worm sign" from someone else's email address book that is being used by the worm/virus. Could also be some internet criminal who owns a "botnet or spambot" and your email address is being used. Finally there could be some email routing issue(s) at AOL or some other ISP, ie their DNS server may be compromised.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-26480036163460591702010-05-23T18:19:05.312-05:002010-05-23T18:19:05.312-05:00That's an NDR from someone with a poorly confi...That's an NDR from someone with a poorly configured MX. Ignore it.<br /><br />Rhett IIIAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-75300955894734903512010-05-23T18:05:05.738-05:002010-05-23T18:05:05.738-05:00Another vote for Avast free version, also suggest ...Another vote for Avast free version, also suggest spywareblaster and spyware terminator, all available @ majorgeeks.com.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-89053894362996163722010-05-23T18:00:03.553-05:002010-05-23T18:00:03.553-05:00Well, I typed this in the address bar:
http://hel...Well, I typed this in the address bar:<br /><br />http://help.163.com/09/1224/17/5RAJ4LMH00753VB8.html<br /><br />Of course, you'll have to type that in yourself to see the Chinese page.<br /><br />Then, I typed this in the search bar:<br /><br />rfc822;szgmyxgs@163.com<br /><br />And came up with ... type it in the search bar to get to the page:<br /><br />Sipsey Street Irregulars: Why am I getting bounce-backs on emails ...<br />May 23, 2010 ... Original-Recipient: rfc822;szgmyxgs@163.com. Final-Recipient: RFC822; szgmyxgs@163.com. Action: failed. Status: 5.0.0 ...<br />sipseystreetirregulars.blogspot.com/.../why-am-i-getting-bounce-backs-on-emails.html - 4 hours ago<br /><br />AND:<br /><br />news aggregator | End the War on Freedom<br />comFinal-Recipient: RFC822; szgmyxgs@163.comAction: failedStatus: 5.0.0Remote-MTA: DNS; 163mx04.mxmail.netease.comDiagnostic-Code: SMTP; 554 DT:SPM mx31, ...<br />billstclair.com/blog/aggregator - 2 hours ago<br /><br /><br />I haven't done them all, but I would say you have been hi-jacked.<br /><br />For those who are not "program savvy" ... Iolo System Mechanic Professional comes in handy of keeping the pirates at bay.<br /><br />http://www.iolo.com/system-mechanic/pro/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-35332138640548134112010-05-23T15:59:22.167-05:002010-05-23T15:59:22.167-05:00I concur with Scott J. Avast is a great anti-vir...I concur with Scott J. Avast is a great anti-virus and once installed you can pretty much forget about it. Make sure that you use the McAffe scan first though,(avast sees the scan as a virus and blocks it) <br /><br />This is actually pretty simple and not as suspicious as you might believe.(basically saying, this more than likely isn't some .GOV attack on you.)Diogeneshttps://www.blogger.com/profile/06728053309068254820noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-45250271108342356072010-05-23T15:56:28.103-05:002010-05-23T15:56:28.103-05:00Could also be a spambot on your ISP's servers ...Could also be a spambot on your ISP's servers using your valid address to send spam to others in your email list and they're bouncing. Happens to my older hotmail account once in a while. Forward the whole thing (without any additional comment)to your provider's abuse address and they'll usually ferret out and block the bot after a day or so. It'll come back from time to time, probing and hijacking as often as it's programmed to check for availability. It may also be due to your (now) higher profile in the world. Sometimes the little darlings who spread these will get on a political panties in a bunch and go after those they don't agree with.<br /><br />This is another good reason for all of us to only send text and not html in mail. Makes it easier to keep the viruses down.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-8655388403493149012010-05-23T15:01:56.304-05:002010-05-23T15:01:56.304-05:00You've been Joe Jobbed
http://en.wikipedia.org...You've been Joe Jobbed<br />http://en.wikipedia.org/wiki/Joe_job<br /><br />"A joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against him ..."barrycarenoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-19150127584972221122010-05-23T14:51:24.778-05:002010-05-23T14:51:24.778-05:00Your address book has been hacked... Your best bet...Your address book has been hacked... Your best bet is to change your email addy to a new one, otherwise it will only get worse.Old NFOhttps://www.blogger.com/profile/16404197287935017147noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-46910893763796103992010-05-23T14:43:23.663-05:002010-05-23T14:43:23.663-05:00Every once in a while I get a massive number of th...Every once in a while I get a massive number of these things to my "editor@" address at The Price of Liberty. At one point I was getting nearly 500 spam emails a day, much of it porn.<br /><br />My on line spam/varmint filter catches them ALL. Your ISP should be catching these for you as well. Talk to your ISP provider.<br /><br />Do that or get some sort of heavy duty anti=spam/virus software before you clean your machine. Otherwise, you'll just get reinfected.<br /><br />Technology, never more than half a step ahead of the vandals and psychopaths, unfortunately.MamaLibertyhttp://www.thepriceofliberty.orgnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-42311842585205282072010-05-23T14:41:41.975-05:002010-05-23T14:41:41.975-05:00Scott J is correct but it would be a good idea to ...Scott J is correct but it would be a good idea to check out your system as well. Another free online scan that seems to work pretty well can be found at trendmicro.com. <br /><br />WeaverWeaverhttps://www.blogger.com/profile/05570277329224724358noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-38654919194010144702010-05-23T14:19:51.109-05:002010-05-23T14:19:51.109-05:00Your email address is being used as a bogus-but-pl...Your email address is being used as a bogus-but-plausible source address for spam. It's been happening to me sporadically since 1994.Mike Gogulskihttp://www.nostate.com/noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-40294746354496496692010-05-23T14:15:52.755-05:002010-05-23T14:15:52.755-05:00Someone is probing your mailbox to see if it's...Someone is probing your mailbox to see if it's real. This is one method commercial mailing lists use to verify their lists. Make sure your inbox filters are strict enough and eventually (after five or ten years) they will stop.<br /><br />Dismal, I know. Such is life in cyberspace.Brian K Millerhttps://www.blogger.com/profile/02184256581832572001noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-76851252515943203662010-05-23T14:12:56.538-05:002010-05-23T14:12:56.538-05:00I´m no geek but I would do a virus check,delete th...I´m no geek but I would do a virus check,delete the file and do a system restore. I think you have been attacked by a virus.<br /><br /> Dennis<br /> III<br /> TexasDennis308noreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-49803931584866763722010-05-23T14:07:29.848-05:002010-05-23T14:07:29.848-05:00Sounds like a virus to me.Sounds like a virus to me.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7575061201749703300.post-80105356094976131152010-05-23T13:57:02.546-05:002010-05-23T13:57:02.546-05:00Someone who has your address in their addressbook ...Someone who has your address in their addressbook has gotten a rather common virus that mines that person's address book for addresses and then mails itself out with those mined addresses as the sender.<br /><br />The receiving system detects the threat and bounces a message back to the spoofed sender. You in this case.<br /><br />The person with the infected computer needs to run something like McAfee Stinger to kill the active bug: http://vil.nai.com/vil/stinger/<br /><br />And then get some quality anti-virus installed. I like Avast because it's effective, has a free version and has an easy to use boot-time scan (the only way to truly clean viruses): http://www.avast.com/indexScott Jnoreply@blogger.com