Returned Emails that I did not send

C

Contraband

New Member
Joined
Oct 16, 2012
Messages
1
Reaction score
0
Location
Cape Town
I get hundreds of emails that I did not send, returned to me as undelivered email. They all have an attached original document that shows FROM: My Address REPLY TO : Another Address

How do I stop this nonsense ??????????????????????????
 
Contraband said:
I get hundreds of emails that I did not send, returned to me as undelivered email. They all have an attached original document that shows FROM: My Address REPLY TO : Another Address

How do I stop this nonsense ??????????????????????????
Click to expand...

You can't. :( Someone is using your email address through an open outgoing mail server.
While said person wouldn't have access to your actual mailbox they can still send
emails using your (or anyone else's) email address.

There must be a reason they're using your particular email though. Usually this happens
if it's a high profile company email i.e [email protected] or
[email protected].
 
It's another reason to hate the nefarious deeds of spammers... Had the same thing happen to myself a while ago, you just have to sit it out.
 
Totempole said:
You can't. :( Someone is using your email address through an open outgoing mail server.
While said person wouldn't have access to your actual mailbox they can still send
emails using your (or anyone else's) email address.

There must be a reason they're using your particular email though. Usually this happens
if it's a high profile company email i.e [email protected] or
[email protected].
Click to expand...

Why can't email somehow evolve or be improved to stop this kind of thing? It and why is this even possible in the first place?
 
Happened to me like 6 months ago. Seemed that someone in Spain was doing it. Happened to me 3 times in like 2 weeks, changed my password and its been normal since then.
 
Viva said:
Why can't email somehow evolve or be improved to stop this kind of thing? It and why is this even possible in the first place?
Click to expand...
There have been extensions to the email protocol for about 5 years to prevent this. Ask your email administrator to configure your mail domain for SPF and DKIM. The spammers will normally give up using your address pretty soon after that.
 
Viva said:
Why can't email somehow evolve or be improved to stop this kind of thing? It and why is this even possible in the first place?
Click to expand...

It has,but people need to implement it for it to actually work
 
MR.C said:
Happened to me like 6 months ago. Seemed that someone in Spain was doing it. Happened to me 3 times in like 2 weeks, changed my password and its been normal since then.
Click to expand...

Changing your email password would not help. Rather try the two posts above this one.
 
If you own the domain of your email address, ask your hosting company to setup SPF records on the DNS. If your email is through an ISP, ask them to setup SPF records on their DNS for their domain.

SPF is a verification on the domain to see if the mail server sending mail as you (the domain) is verified to do so. This will stop spammers from spoofing your email as the guy who is sending it to someone else.
 
MR.C said:
Happened to me like 6 months ago. Seemed that someone in Spain was doing it. Happened to me 3 times in like 2 weeks, changed my password and its been normal since then.
Click to expand...

I had the same problem, changed my password and it stopped instantly.
 
AcidRaZor said:
If you own the domain of your email address, ask your hosting company to setup SPF records on the DNS. If your email is through an ISP, ask them to setup SPF records on their DNS for their domain.

SPF is a verification on the domain to see if the mail server sending mail as you (the domain) is verified to do so. This will stop spammers from spoofing your email as the guy who is sending it to someone else.
Click to expand...

I've set up SPF and key protection on my domain as well. It has reduced it but does not do away with it, as not all receiving MTAs will enforce the rules I've requested.

Password will have no effect unless your account is actually compromised and someone is using your details to log into your SMTP server to send mail.
 
McGuywer said:
Changing your email password would not help.
Click to expand...
On the contrary. A large number of these spam incidents are as a result of compromised email passwords. There aren't many open relays left on the Internet but there are millions of closed relays with weak user passwords.

Minimum of 8 characters (but 10-12 is better), include numerals and it should be completely random with no dictionary words. Preferably use a password generator.
 
Last edited:
GrahamBeneke said:
On the contrary. A large number of these spam incidents are as a result of compromised email passwords. There aren't many open relays left on the Internet but there are millions of closed relays with weak user passwords.

Minimum of 8 characters (but 10-12 is better), include numerals and it should be completely random with no dictionary words. Preferably use a password generator.
Click to expand...

That's simply not true. There are quite a bit of open relays left (Telkom is one) and it's quite easy for malware to infect your PC and start sending email like crazy making your PC into a small mail server.

Sinbad said:
I've set up SPF and key protection on my domain as well. It has reduced it but does not do away with it, as not all receiving MTAs will enforce the rules I've requested.

Password will have no effect unless your account is actually compromised and someone is using your details to log into your SMTP server to send mail.
Click to expand...

I've worked with mail software since 2003 (including spam using spamassassin etc) and since about 2004-2005 all mail software that I know of (both on linux and windows, and some of the biggest packages out there) adhere to the SPF rules by default. Obviously you have the option to switch them off, but a default install has those turned on.

It effectively nullified all of the spoofs the spammers tried to make using my emails, and I have had the same domain/emails since 1999. So I get quite a bit of spam (thank god for aliasing)
 
Viva said:
Why can't email somehow evolve or be improved to stop this kind of thing? It and why is this even possible in the first place?
Click to expand...

Not sure what can be done to prevent this, but the reason it can happen is because most outgoing mail servers don't require any sort of authentication, whereas most incoming mail servers do. So, for example if my ISP is Cybersmart i can use any email address to send an email with as long as I use the smtp.cybersmart.co.za outgoing server.
 
Totempole said:
Not sure what can be done to prevent this, but the reason it can happen is because most outgoing mail servers don't require any sort of authentication, whereas most incoming mail servers do. So, for example if my ISP is Cybersmart i can use any email address to send an email with as long as I use the smtp.cybersmart.co.za outgoing server.
Click to expand...

There are measures in place. Read the posts above about SPF and key signing.

SPF basically says to receiving mail servers that "ONLY these servers are allowed to deliver mail FROM this domain".
The signing solution means that the valid sending servers sign the headers of each mail - servers which do not have your domain's private key cannot sign them correctly.
 
ambo said:
There have been extensions to the email protocol for about 5 years to prevent this. Ask your email administrator to configure your mail domain for SPF and DKIM. The spammers will normally give up using your address pretty soon after that.
Click to expand...

PsyWulf said:
It has,but people need to implement it for it to actually work
Click to expand...

Totempole said:
Not sure what can be done to prevent this, but the reason it can happen is because most outgoing mail servers don't require any sort of authentication, whereas most incoming mail servers do. So, for example if my ISP is Cybersmart i can use any email address to send an email with as long as I use the smtp.cybersmart.co.za outgoing server.
Click to expand...

Thanks for the explanation. I however only use Gmail. Will spammers by able to use my address to send their spam?
 
Totempole said:
Not sure what can be done to prevent this, but the reason it can happen is because most outgoing mail servers don't require any sort of authentication, whereas most incoming mail servers do. So, for example if my ISP is Cybersmart i can use any email address to send an email with as long as I use the smtp.cybersmart.co.za outgoing server.
Click to expand...

One would hope that the administrator/s of that server also turned on sender verification to avoid you sending email as [email protected] .
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X