1. Home
  2. UK Do-It-Yourself Forum
  3. OT: Worrying spam bounce

OT: Worrying spam bounce

I have my own domain and my normal personal email address would be snipped-for-privacy@mydomain.co.uk

In the past I have done business with another company, and I used the email address on their order form of another snipped-for-privacy@mydomain.co.uk

where

formatting link
is their URL with the intention that if this company gave my email address out, it would be obvious.

Today I got a "Mail delivery failed: returning message to sender" where the sender was snipped-for-privacy@mydomain.co.uk

to the address of: oud@another_company.co.uk

I find this rather worrying. It could be a coincidence, but I feel unlikely, or my PC or backup has been compromised.

For those here in the know, any suggestions?

Reply to
Fredxxx
Loading thread data ...

Don't sweat it.

Rule 1: Spammers lie.

It's trivial to send an email that lies about the from address, so all that's needed is to randomly pick a domain or address from, probably, a spam recipient list. Sometimes, it's one-off. Sometimes, they'll pick a legitimate domain and hammer it. Some years go, a domain I had was used in this kind of spamming - at one stage, I was getting upwards of ten thousand delivery failures PER HOUR.

Reply to
Adrian

The bit I find worrying is tying the two domains together that I have stored in Thunderbird.

When was the last time you were aware that a third party spammer sent an email to a nobody domain that can only be found in "received emails" from your normal personal email address?

I'm hoping its a one off!

Reply to
Fredxxx

Unfortunately it isn't since another_company.co.uk is just as likely to get web scraped and used as a to/from address in spam as anything else. Better is "untrustedtoken" where you have chosen the untrusted token to be unique and unlikely to exist in the wild.

I get an inordinate amount of spam and bounces to an assortment of prehistoric partial usenet msgids beginning ewxx. Most recently the forgers seem to be generating random sampled spam to random fake addresses and defeating some of the spam filters in the process.

Post the full headers here with local identities munged to protect the innocent and someone will doubtless pass judgement on where it was injected and how it was forged. Unlikely to be anything worth worrying about but no harm in double checking in case you are now in possession of a zombie spam emitter as part of a botnet.

Most likely someone is forging emails as if from you. Unfortunately this is all too easy to do and you have to live with the backscatter.

The good news is that it seldom lasts more than a few days.

Reply to
Martin Brown

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.