Over the last two days, I've gotten scores of messages similar to the following. They are in reference to a spammed message. Am I correct in assuming that some cretin used my domain name (techcellence.net) in the From field, so these messages are bouncing back to me?

I haven't gotten any complaints from people who have been spammed. That could be because they simply don't bother and just delete spam, or are informed enough to look at the headers and see the message did not originate from my server.

The actual spammer is www.webhost4u.org


Return-Path: <MAILER-DAEMON@ns.techcellence.net>
Received: from dsm-mail01.accudocs.com ([204.241.122.71]) by ns.techcellence.net
(8.11.0.Beta1/8.11.0.Beta1) with ESMTP id f5F6rQO10938 for <nobody@ns.techcellence.net>; Fri, 15 Jun 2001 02:53:26 -0400
Received: by dsm-mail01.firstimage.com with Internet Mail Service (5.5.2650.21) id <MNAKP587>; Fri, 15 Jun 2001 01:44:56 -0500
Message-ID: <250A15F15556D21180C200A0C9E1E1C201A4ED76@bhm-mail01.bhm.accudocs>
From: System Administrator postmaster@AccuDocs.com>
To: nobody@ns.techcellence.net
Subject: Undeliverable: YOU JUST MADE A $250 SALE!!!
Date: Fri, 15 Jun 2001 01:44:54 -0500 MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21) X-MS-Embedded-Report: Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C0F566.AFB22672"
Status: U
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: Se\!!fOS!!Ln]"!aD'!!

Your message

To: cheryline.lawson@accudocs.com
Subject: YOU JUST MADE A $250 SALE!!!
Sent: Fri, 15 Jun 2001 01:52:25 -0500

did not reach the following recipient(s):

c=US;a= ;p=AccuDocs;o=Birmingham;dda:SMTP=cheryline.lawson@accudocs.com; on
Fri, 15 Jun 2001 01:53:09 -0500
The recipient name is not recognized
The MTS-ID of the original message is: c=US;a=
;p=AccuDocs;l=BHM-MAIL010106150653M80KJWRQ
MSEXCH:IMS:AccuDocs:BIRMINGHAM:BHM-MAIL01 0 (000C05A6) Unknown Recipient

Message-ID:
<200106150652.f5F6qPG10888@ns.techcellence.net>
From: nobody@ns.techcellence.net
To: cheryline.lawson@accudocs.com
Subject: YOU JUST MADE A $250 SALE!!!
Date: Fri, 15 Jun 2001 01:52:25 -0500 MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
X-MS-Embedded-Report: Content-Type: text/plain; charset="iso-8859-1"

Originally posted by Duster
Over the last two days, I've gotten scores of messages similar to the following. They are in reference to a spammed message. Am I correct in assuming that some cretin used my domain name (techcellence.net) in the From field, so these messages are bouncing back to me?


Yup. That's a common tactic that the spammers use. As another example, look at the little note on the top of this web site http://www.dslreports.com/

I know. I've seen it many times, even law suits over the matter. I am just trying to confirm that's what happened in this instance. In an earlier post I made on a similar matter, I learned a bit on how mail works at the server level. My domain name was substituted on mail delivered to my server with a phony address.

In the most current case, the spammer's web site has already been terminated, despite even the name servers showing the spammer's domain name. Kudos to the host and some other anti-spammer.