home email is sending out spam

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

fishfingers

Thread Starter
Joined
Jan 11, 2007
Messages
4
Hi
Our home email address is sending out spam. One of our email addresses is like (name)@(our domain).freeserve.co.uk . We know spam is being sent out because we are getting emails saying messsage unable to be delivered, and the original sender was something like zgrew@(our domain).freeserve.co.uk or lkjur@(our domain).freeserve.co.uk . We are using Outlook Express 6 (or 6.00.2900.2180), and we can log into email on the internet using Orange's website.

Another problem (could be related) is that we cannot send email unless ZoneAlarm is disabled. Although this is probably not related.

Has anyone got any similar experiences, or any ideas on how to stop this. It would be much appreciated. If more info about our computer is needed I can provide it.

Thanks
Dave
 

1002richards

Retired Trusted Advisor
Joined
Jan 29, 2006
Messages
5,333
hi,
I think you need to post a Hijackthis log and let a qualified member (gold shield) take you through what to do.
Using Hijackthis with the self-installer that puts it into Program Files for the poster:

go to Click here to download HJTsetup.exe


  • Save HJTsetup.exe to your desktop.
  • Double click on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a log file button. It will scan and then save the log and then the log will open in Notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
Wait for a qualified member to take you onwards from here.

Richard
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,726
Actually, you probably aren't sending any SPAM. This is a very common issue, I get them all the time, and I can assure you I'm certain they don't come from me. I get tons of reject messages, most go automatically into my junk mail. The SPAMMERS spoof the return address to keep the SPAM filters guessing.
 

fishfingers

Thread Starter
Joined
Jan 11, 2007
Messages
4
Hi, thanks for that, here's an example message:

From: "Espion Interceptor" <postmaster@ei.lourdesrmc.com> Save Addresses
To: gpbdm@(our domain).freeserve.co.uk
Date: Jan 09 2007, 09:19 PM
Subject: *** SPAM *** Undeliverable mail Show full header
Attachment(s): Delivery error ... (378 b); Undelivered-mes... (805 b);


Return-Path: <>

Received: from mwinf3304.me.freeserve.com (mwinf3304.me.freeserve.com)
by mwinb3301 (SMTP Server) with LMTP; Tue, 09 Jan 2007 22:19:57 +0100

X-Sieve: Server Sieve 2.2

Envelope-to: gpbdm@(our domain).freeserve.co.uk

Received: from me-wanadoo.net (localhost [127.0.0.1])
by mwinf3304.me.freeserve.com (SMTP Server) with ESMTP id 24E941C000BB
for <gpbdm@(our domain).freeserve.co.uk>; Tue, 9 Jan 2007 22:19:57 +0100 (CET)

Received: from ei.lourdesrmc.com (ei.lourdesrmc.com [208.63.104.10])
by mwinf3304.me.freeserve.com (SMTP Server) with ESMTP id DA8841C000A5
for <gpbdm@(our domain).freeserve.co.uk>; Tue, 9 Jan 2007 22:19:56 +0100 (CET)

X-ME-UUID: 20070109211956895.DA8841C000A5@mwinf3304.me.freeserve.com

Received: from localhost (localhost [127.0.0.1])
by ei.lourdesrmc.com (Postfix) with ESMTP id 5A677DF03E
for <gpbdm@(our domain).freeserve.co.uk>; Tue, 9 Jan 2007 15:19:50 -0600 (CST)

MIME-Version: 1.0

Subject: *** SPAM *** Undeliverable mail

Message-Id: <DSN3NdD37spycK2@ei.lourdesrmc.com>

Content-Type: multipart/report; report-type=delivery-status;
boundary="----------=_1168377590-86958-1"

From: Espion Interceptor <postmaster@ei.lourdesrmc.com>

To: <gpbdm@(our domain).freeserve.co.uk>

Date: Tue, 9 Jan 2007 15:19:50 -0600 (CST)

X-me-spamlevel: med

X-me-spamrating: 95.280693

This nondelivery report was generated by the Espion Interceptor
at host ei.lourdesrmc.com. Our internal reference code for your message
is 86958-01/3NdD37spycK2.


Return-Path: <gpbdm@(our domain).freeserve.co.uk>
Your message <45A406DD.5050002@(our domain).freeserve.co.uk>
could not be delivered to:
<arnold@lourdesrmc.com>:
550 Bounced, id=86958-01 - Invalid Address arnold@lourdesrmc.com



Ok I don't know why that is so long, I've put in bold the parts that I actually see when I read the email. I have put in (our domain) for the real address for security reasons. What do you think?
Thanks
 
Joined
Aug 17, 2003
Messages
17,584
I agree with JohnWill here, the commonly used spammers (and virus) trick is to forge the return address, that way they do not see the bounces and it diverts attention from the real source.

The sooner we have the death penalty for spammers, the better.
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top