1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Undeliverable Mail i did not send

Discussion in 'Web & Email' started by Bert83, Apr 2, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. Bert83

    Bert83 Thread Starter

    Joined:
    Apr 2, 2007
    Messages:
    2
    My company is currently getting a lot of "undeliverable mail" bounced back to us, which i guess isn't all that odd except for the fact that we have not sent anything to these e-mail addresses. Here is an example of one of the bounce backs:


    Your message did not reach some or all of the intended recipients.

    Subject: [!! SPAM] DoggSofia ONealTeri
    Sent: 3/21/2007 5:29 PM

    The following recipient(s) could not be reached:

    [email protected] on 3/21/2007 5:29 PM
    The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
    < msk-m10-st02.rtcomm.ru #5.0.0 X-Postfix; host cucumber.rt-comm.ru[195.161.0.137] said: 550 [email protected] unknown user account (in reply to RCPT TO command)>



    Our IT person is ignoring this issue, but I've been looking around a little online to try and find a cause for this problem and what I'm finding is a bit concerning. I may be looking in the wrong places, but what I've found is a lot of references to an "RCPT TO command buffer overflow exploit". Is this paranoia unfounded? I realize this particular exploit is a couple years old, however our e-mail client probably hasn't been updated in a number of years. We use outlook pro 2003, but i'm not sure what our real e-mail client is.
     
  2. Klaatu01

    Klaatu01

    Joined:
    Mar 30, 2007
    Messages:
    14
    This is a SPAM tactic to bypass inbound message filtering rules using your "known" e-mail address. It is likely that your e-mail address was used in a web forum or online group and it has been "harvested" by a spider 'bot program. These programs wander the Internet by following hyperlinks between pages and add ANY and ALL e-mail addresses found to databases they "report" to.

    By creating a e-mail message to an invalid address with your e-mail address in the "Reply to:" field, when delivery fails the receiving mail server sends it back from whence it came (e.g. to you). Being a curious e-mail user and wondering what message sent failed delivery, users typically open these messages and allow them to load images integrated into the message which FURTHER confirms your e-mail address. The downloading of the images occurs through another server probably controlled by the spammer(s) and the successfully downloaded to information is linked to the original "bogus" e-mail. Man, this is awful!!

    I devised a solution to this problem years ago and wanted to Patent it but, sadly never followed through on the idea. These days there are methods of digitally "signing" e-mail to validate you as the actual (and original true) sender and this detail COULD (eventually) be used to reject any "unsigned" e-mail coming back as a result of the "Reply to:" address. This idea has not been widely implemented so far and remains an "advanced user" concept not ready for general use.

    So, a few things to try: (may only help in the future)

    1. Never use your e-mail address without obfuscating it thus "(username)_(AT)_(domain).com" (remove the real "@" symbol and pad whatever portion desired with underscore characters).

    2. When registering for online forums and groups, always use the "Hide my e-mail address" from members option if it is available.

    3. Set your e-mail program NOT to automatically download images in e-mail messages.

    4. Keep a separate e-mail account for online forums and groups and DO USE the providers report "SPAM" button or frwarding address if provided (many services have a "spam@" e-mail address for reporting such garbage). This e-mail address may also be used for entering contests and signing up for mailing lists, etc.

    5. Use any filtering built into your e-mail program to automatically delete messages with suspect Subject: lines. This option may be difficult to the level of near impossible due to the generic nature of modified return mail's Subject: lines (e.g. "Undeliverable...").
     
  3. Bert83

    Bert83 Thread Starter

    Joined:
    Apr 2, 2007
    Messages:
    2
    Thanks for the info and suggestions, Klaatu. I wasn't sure if this was just spam since there really was no body or images to the e-mail, just random subject lines, but spam is spam i suppose.

    ...Klaatu Veracti Nictu...
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/557352