Hundreds of MAILER DEMON emails

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I'm getting hoards of emails all with the subject MAILER DEMON, or
Returned Mail, and similar.  I looked at them, after deleting all
attachments.  None are messages I have sent, many if not most contain
spam, but most of them also contain multiple headers from other
mesages and alot of unreadable garbage.   I did a bunch of web
searching and found that an older virus called W32.Sobig.F@mm
could be the culprit.  I scanned for viruses, scanned for spyware,
downloaded from McAfee a special scanner for this particular virus,
and there is absolutely nothing on my computer as far as viruses or
spyware.  

This leads me to question whether the virus could instead reside on my
ISPs system????  Is that possible?
I emailed them about the problem, but I never got a reply (expected,
since they rarely reply anytime I complain about anything.  

Is there any possibility that my ISP has this or another virus?

Note, I NEVER give out my real email address on the web.  Only friends
get it.  I run a text only email software, and I never open
attachments except photos sent by friends.  I scan everything I
download before I open it.  

Can anyone please help....

THanks

Tom

Re: Hundreds of MAILER DEMON emails

On Wed, 16 Apr 2008 06:21:51 -0500, tomdean@nospam.com wrote:

Quoted text here. Click to load it

Oops, I forgot to mention that I am running Windows98se and am on
dialup internet via modem.  Just in case any of that matters...

Tom


Re: Hundreds of MAILER DEMON emails

tomdean@nospam.com wrote:

Quoted text here. Click to load it

Look up:  "It's your turn in the barrel."

Spammers never use their own email addresses. Most always, they fill the
easily-forged "FROM:" field with the ID of one of their victims, and
send out a batch of .. a few thousand? .. then move on to another bot
(home user running a Windows zombied computer), and use someone else's
ID. Guess who gets the bounce messages to undeliverable addresses?

It will pass. There is nothing you can do about it.

--
   -bts
   -Friends don't let friends drive Vista

Re: Hundreds of MAILER DEMON emails

Beauregard T. Shagnasty wrote:
Quoted text here. Click to load it


You can do some prevention by setting up as many accounts as your ISP
allows, and using them for different purposes. Eg, one for online
orders, another for miscellaneous business, another for family, etc. And
use a disguised or fictional address for Reply To etc for newsgroups.

FWIW, I've noticed that my business accounts get very little spam
compared to the personal accounts.

--
wolf k.

Re: Hundreds of MAILER DEMON emails

Wolf K. wrote:

Quoted text here. Click to load it

That is always a good idea. I control my own mail server, and frequently
set up an address for a specific "sign-up" to see if it generates spam.

Quoted text here. Click to load it

tomdean is already doing that, abusing the owner of "nospam.com"
which is owned by:
Anything.com Ltd.
P.O. Box 309 ,Ugland House
George Town, Grand Cayman

Tom, read this:
http://tekrider.net/tips/tips02.php#mung

Quoted text here. Click to load it

Better filters?  <g>

--
   -bts
   -Friends don't let friends drive Vista

Re: Hundreds of MAILER DEMON emails

tomdean@nospam.com wrote:

Quoted text here. Click to load it

Anyone can claim whatever e-mail address they want.  Few (I don't know
any personally) make the sender use the same e-mail address in their
return-path headers (which are part of their DATA) match with the e-mail
address of the account through which they send their e-mail.  If they
did, spammers would avoid using them (or they wouldn't care because
their mailer trojans on infected hosts would abuse the ignorant's
account at no expense to the spammer, anyway).  You could claim whatever
e-mail address you wanted by changing the E-mail address field in the
e-mail account you have defined in your e-mail program.

The spammer spews their crap using a bogus e-mail address.  Someone
happens to be using yours right now.  Because they send to a lot of
invalid addresses, and because a lot of e-mail admins misconfigure their
mail servers to accept messages before checking if they are deliverable,
they send the NDR (non-delivery report) to the e-mail address specified
in the return-path headers but those were added as DATA by the sender,
not by their sending mail host.  For now, just define a rule to move or
delete the NDRs. Use a rule to look for "report-type=delivery-status" in
the header section of an e-mail.  Move them into the Junk folder, mark
them as read, and enable auto-archiving on the Junk folder to
permanently delete items in there that are older than 3 to 7 days, or
just delete them.

NDRs are of little value, anyway.  If you cannot deliver your e-mails to
a recipient, you can't send them another one telling them that they have
a delivery problem.  If you call them to notify them, you could've
called them in the first place instead of using e-mail.  Snail mail
would arrive too late since they would probably have fixed the problem
long before your letter showed up provided you even know where to send
the letter.  That's why I just shove *all* NDRs into the Junk folder and
marked as read (so the folder doesn't get bolded) and they get
auto-deleted after a few days.

Re: Hundreds of MAILER DEMON emails


Quoted text here. Click to load it

Which is fine until there is a problem at the recipients ISP so they don't
get the message and you don't know that they haven't.
I've had it happen where recipients ISP is BT in UK and Road Runner in USA.
The latter pretty frequently recently

Henry



Re: Hundreds of MAILER DEMON emails

Dragon wrote:

Quoted text here. Click to load it

And when a sender gets that NDR, what are they going to do?  Their
e-mail client is not a mail server so it does not perform a retry after
5 minutes, an hour, or several hours later.  The sender gets the NDR and
what do they do?  They either do not send another e-mail figuring it
won't get delivered anyway or they immediately send another and that one
also gets rejected.

As mentioned, I personally do not immediately delete an NDR.  I move it
into my Junk folder where auto-archiving empties items in that folder
that are over 7 days old (I used to have it set to 3 days but I don't
get enough e-mails at home anymore so I increased the hold time).  I
don't want the NDRs sitting in my Inbox since they are rarely of any
value nor are they anything on which I can enact an immediate reaction
to circumvent.

Re: Hundreds of MAILER DEMON emails


Quoted text here. Click to load it
 I
Quoted text here. Click to load it

Fortunately I have alternative addresses for the Road Runner case
With BT I wait a day or so then try again as I know that it normally works.
Horses for courses I guess.

Henry



Re: Hundreds of MAILER DEMON emails



Quoted text here. Click to load it

I WANT to know when an email that I sent is not getting to the
recipient.  Many times it's just a matter of the recipient having an
overloaded in box, which can happen just from spam with pictures, or
someone sending a large attachment.  Many times I send an important
email to someone and if I did not see the returned email message, I
would wonder why they never contacted me.  I may have sent a check to
someone or something and I need to know that they got my email.  Most
people reply when they get an email if it's a personal or business
matter.  So I surely want to know that they got my messages.  At least
with the "returned message" notice I can call the person, write to
them, or if I suspect their inbox is overloaded, I'll just resend the
email the next day (and tell them I had a returned email).   I've had
a successful resend numerous times, and due to the recipient's box
being full.


Re: Hundreds of MAILER DEMON emails

letterman@invalid.com wrote:

Quoted text here. Click to load it

All of which has you assuming there is guaranteed delivery of e-mail ...
which there isn't.  Even if they did get your e-mail, how would YOU know
they got it?  You don't.  So you send an e-mail asking about a check you
send via snail mail.  E-mail isn't guaranteed to be delivered.  The
receiving mail host might accept your e-mail and then find it is
undeliverable but never send YOU back the NDR.  It hits the receiving
mail host's blacklist, gets blocked, they aren't going to bother telling
a spam source (or whatever is the purpose of their blacklist) about the
rejection, so you don't get an NDR.  It gets into the recipient's
mailbox but they have spam filtering enabled along with the option to
*immediately* delete spam.  Doesn't matter that your e-mail wasn't spam
(as far as you were concerned) but the recipient never sees your e-mail
because of the immediate deletion.  They might configure their spam
filtering to move suspect e-mails into a Screened or Junk folder but
that is a server-side folder that the recipient never looks at because
it is a POP account and they only see those e-mails that get into their
local e-mail client (and which only come from the Inbox on th server).
Their e-mail client receives it but they have junk filtering or rules
that delete suspect e-mails so the recipient still doesn't see it.  They
see it but ignore it.  They see it, see your request to respond, and
choose not to do so.  They see it, they see your request to reply, they
reply, and everything noted above occurs in reverse to prevent you from
getting their reply.  Yeah, e-mail is really guaranteed communication
... NOT!

Re: Hundreds of MAILER DEMON emails

Quoted text here. Click to load it

Big Snip


Wow that's a pretty bleak picture and probably true in some (perhaps
many?)cases.
I suspect my email volume is low in the grand scale of things.
All I can add is that it works well enough for all I use it for.
If I don't get a reply to a really important message (it hasn't happened
yet) I pick up the phone.

Perhaps the most useful thing threads like this do is to add to our
knowledge and for that I thank you.

Cheers

Henry



Site Timeline