1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Outlook sending spam

Discussion in 'Business Applications' started by FrankB, Sep 27, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. FrankB

    FrankB Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    221
    I am on XP with Outlook 2002 SP2. I have been getting Mailer Daemons returned to me on messages I haven't sent. Today when I checked my mail for the first time I saw Norton scan an outgoing message and I received a Daemon back. The message has to do with printer cartridges. There are no new messages in my sent folder. In the body of the Daemon I see a file winmail.dat. I did a search in my pc and only found a winmail1.dat 1kb. Is this a normal file in XP? Is there a way to find the program that's sending this spam from my pc? I ran spybot and adaware with the latest updates. I also ran Norton and found nothing. I asked for help from my ISP but they haven't helped. Are there any mail trace programs? Any suggestions?
     
  2. BillC

    BillC

    Joined:
    May 28, 2003
    Messages:
    2,366
    One of the newer techniques spammers are using is to hijack many individual machines to avoid be traced. The fact that you said Symantec was scanning something going out leads me to believe you may very well be a victim. Sounds like it anyway.

    I'd suggest a couply of omnine scans that are sometimes able to find this type malware. Try Pest Patrol's PestSCan and GFI's online trojan scan

    If you find nothing, then it is time for a Hijack This log review I believe.
     
  3. FrankB

    FrankB Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    221
    These found 0 problems. I had already run adaware, spybot and norton. This seems to be a problem for others also. It may be the tip of the spam iceberg. Others have tried many things and found nothing in their logs that gives a clue.
    Thanks again
     
  4. BillC

    BillC

    Joined:
    May 28, 2003
    Messages:
    2,366
    Golly...a mystery indeed. Well, if something is being sent, an application has to be sending it. Look in your Task Manager and see if anything looks new or unusal to you. Trouble is, for me, most things in Task Manager look unusual!

    Also, check the properties of the "returned" mail to see if that might shed some light.

    The new Zone Alarm Pro has a mailsafe feature that allows you to block mailings that exceed a number you pick like 'x' messages in 'y' seconds. This was designed for this exact reason. Zone Labs says:
    It's a thought.
     
  5. FrankB

    FrankB Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    221
  6. greygeezer

    greygeezer

    Joined:
    Jul 15, 2003
    Messages:
    12
  7. jlongson

    jlongson

    Joined:
    Oct 15, 2003
    Messages:
    1
    Glad others are having this problem. Happily the problem, at least on my machine, isn't a trojan but a tag in a spam that I received.

    Disposition-Notification-To: <[email protected]>

    (email address is ficticious)

    I'm running Outlook 2002-sp2 on XP pro with ZoneAlarm pro.

    My spam filter (Cloudmark) picked up the spam and moved it to a spam folder. When I periodically delete the contents of the spam folder, it seems to send these disposition notification messages.

    So the message gets sent, even if I never open it. Deleting the spam triggers the send.

    Outlook allows blocking of read receipts, but I haven't figured out whether it can block Disposition-Notification-To: messages.
     
  8. haza-w

    haza-w

    Joined:
    Dec 2, 2004
    Messages:
    1
    Great numbers of these e-mails are being sent from my home PC.
    I have traced the address of where the HTML in the e-mail redirects you - it is smartinfosite.info on mine - go there and you get a lovely "unsubscribe" box - the WHOIS data points it to an Australian user who I have contacted with extremely nice words.
    ZoneAlarm's MailSafe feature should be preventing mail from being sent in this fashion but nothing is flagged.
     
  9. Bob Parks

    Bob Parks

    Joined:
    Jan 10, 2004
    Messages:
    263
    I may have misread this thread but I see a program on a local hardrive sending spam. ZoneAlarm and Norton both have a switch that requires authorization to send mail. After you approve Outlook etc. the spyward program can be denied permission permanently and you never see it again. Spybot/PestPatrol/Weboot/Adaware can then sniff out and delete the bad program.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/167799

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice