Strange Spam

I have my own domain name example.com and I am using email forwarding/catchall.
I use individual email addresses for various purposes in the format of
subscriptionname@example.com, ispname@example.com, forumname@example.com,
etc.

Recently, I have been getting a lot of spam against that domain name, much
of it is obvious dictionary attacks but quite a lot of it is showing as from
various email addresses on that domain that I have actually used in the
past.

I don't think it is a case of people selling on my email address, some of
these are very respectable organisations and there are just too many of them
happening at the same time. I don't think it's a key trapper as I haven't
actually used some of these addresses for a very long time. I don't think
it's a Trojan taking control of Outlook as I'm not getting bounces from
rogue mail being sent out using these as return addresses.

I'm running XP SP3, Windows firewall, AVG 8 and Windows Defender as my main
protection and occasionally run Lavasoft Adaware and Spybot Search &
Destroy, none of which are finding anything untoward.

Am I missing anything here or does anyone have any suggestions as to how
these addresses may have been picked up?



Re: Strange Spam

["Followup-To:" header set to 24hoursupport.helpdesk.]
[...]


Bots scraping web forums, blogs, usenet posts, etc.  People thoughtlessly
'forwarding' those stupid emails about 'urgent warnings' and 'missing
child' and 'this is funny' etc.  Clicking on 'unsubscribe me' or 'report
this as spam' links in spam.

--
-- ^^^^^^^^^^
--  Whiskers
-- ~~~~~~~~~~

Re: Strange Spam

Ex_OWM wrote:

One or more of your correspondents has or had an infected computer, i.e.,
your addresses were harvested. The fact that the correspondents are
respectable organisations doesn't protect them. There's nothing you can
do about this. It's of course possible that your computer has been
zombified, but your security measures make this unlikely.

IMO, you have two options: a) you can strengthen the spam filters, which
will work for a while; or b) you can destroy your domain, invent a new
one, and mail all your contacts with the new addresses. That will work
until some computer is infected and the addresses are harvested....

FWIW, spam here recently increased from a half dozen or less per week to
15-20 per day. My has a deal with Microsoft/Hotmail, so there's a web
portal for accessing mail. I went there, and set the spam filters from
Low to Medium. (I have no idea why the filters were set on Low - AFAIK
the default is Medium. Bah!) That's reduced the spam back to former low
levels. But I check the Junk Folder on the web portal every other day,
to catch false positives that have been barred from my mailbox.

HTH

wolf k.

Re: Strange Spam




As the addresses have been strictly limited to exchanges with the
organisations, all of them would have had to be infected around the same time
which seems unlikely.


I also think it's unlikely but I'm feeling a bit nervous that something has
slipped under the radar.



Re: Strange Spam

It's okay, guys, I have it figured out.

I thought these IP addresses had never been published anywhere but I realise
now that at least some of them have - I used the ISP ones as contact email
addresses on other domain names registered with them so obviously they would
have been available on a Whois lookup.

On that basis, I'm sure that if I think about it long enough I'll remember
that somewhere, sometime, I've used the others.

That was what my underlying concern was - that I was sure these were not
just a dictionary attack but I couldn't think where they might have been
harvested, sorry for giving misleading information.




Re: Strange Spam

Ex_OWM wrote:


It's easy to forget exactly what you did, especially when the crucial
choice was made as part of a larger task.

;-)

Re: Strange Spam


Trade in that AVG and get one that has a stronger Spam filter.
AVG is not that good of a program anyway.

