No answers where found for this problem with my
Hopefully this time, I may get a good solution.
Am using CPanel 4.
Here's the problem:
Eventhou I moved my website from one hosting
company to another, Someone is still sending emails
from my email account to many people without me knowing anything about this. I only found out about this, when I started
receiving emails such as "mail delivery error: user unknown",
with these emails I saw that person was sending
it from an email address that doesn't exist to a person
I don't know about. One more thing is that, these emails
are being sent from my sub-domains ,e.g, [email protected].
Here's an sample of email a header:
Received: from bjwmr (205-218-162-65.cyberstation.net [126.96.36.199]) by rly-xg02.mx.aol.com (v86_r1.15) with ESMTP id MAILRELAYINXG23-0809200629; Fri, 09 Aug 2002 20:06:29 -0400
From: Latrice Cianci <[email protected]>
To: <[email protected]>
Subject: fvckkkina subject_2_2
Date: Sat, 10 Aug 2002 04:14:57 -0400
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Message-Id: [email protected]
Am using myaddress.com, just for example, but everything
else in the above is the actual headers from the emails
that I received.
Please guys help me stop these emails from being sent.
The people at my hosting company, I doubt are of any help
and you guys are my last hope.
Its also known as a Joe Job. Your host can't do anything to you (if that is what you are concerned with) since its not originating off your servers (or theirs technically). Basically, just post something to your website should people complain to you about it.
Are the (returned) messages actually spam? Or is it possible that you are seeing the results of someone's KLEZ (or variant) infected machine? We get mail purporting to be from our own support address every day from someone with our address in their address book, and it's nothing more than an annoying byproduct of that particular trojan.
Yeah, I have been on the web for a while, and one particular email address has been around with me for about 6 years now. Of course during that time it slowly gets 'known' across the web (and you sometimes give it away in the wrong places...)
I also now regularly get messages returned to me that I didn't send. Since they are usually virus related, and there are nowadays so many people with virus infected machines (and some unfortunately, it seems, with my email address in their addressbook) I just choose to delete them and ignore them.
Unfortunately these virusses nowadays (some anyway) completely randomize the from and to addresses from someone's addressbook, so there is no easy way of finding out the address of the person that has the infected machine.
For example, if person X has addresses A, B, C and D in his addressbook, then A might receive a mail 'supposedly' from B even though A and B don't know each other at all.
I guess you can play with the headers of the emails and find out which servers are involved, but I have never bothered to get in that deep - seems to cost more time than it will buy...
These emails are not as your mentioned, there are actually
sending emails to many people using my email addresses
that don't exist, with trojan horses or viruses as attachments.
I don't what to do, how to stop them or at least find out
how there found about my website or email account.
It does sound like it could be Klez (or variant, or other). When you can't figure it out, that's a sign that it is one of these buggers. Makes no sense, thank the wonderful writers of these annoying trojans if so. Aren't they so helpful?