Windows 7 - Spurious mail seemingly sent from one of my accounts.

Asked By George Bell on 30-Jul-12 08:54 AM
For the last month I have been receiving emails from various mail servers
saying that a mail I have sent cannot be delivered.  There are hundreds of
them and it is getting to be difficult to handle them all.  They are not
being sent by me and do not appear in my sent mail box, however they do all
have the correct address of a website I own.  Normally this would be - e.g.
george@website.com but the prefix is all sorts of peculiar names, none of
which have anything to do with me.

If I did not need this website and the traffic and mail it generates I would
shut it down, but I do!

I cannot see how these are being sent, as the website provider does not seem
to be able to do anything about it.  How can email be sent from a website
address that I own without the service provider being aware of it or able to
stop it.

Does anyone know what I can do about this, as I am losing patience with the
website provider?

Thanks George.


R. C. White replied to George Bell on 30-Jul-12 12:34 PM
Hi, George.

Short version:  You've been hacked!  :>{

Longer, more-accurate version:  Someone has been sending emails to all those
recipients, using YOUR email address.

I do not know why the emails are undeliverable to those addressees; perhaps
your address book has incorrect information for those contacts.  But, when
one of them "bounces", it would come back to the address from which it
apparently was sent:  your address.  Can you tell if the original bad
messages were actually sent from your website, or only used your "From:"
address while being sent from some other website?

Since I have never had a website of my own, I am not sure how this works in
that context.  But I understand that mail servers often blacklist websites
that habitually send spam, such as many messages in a short time, especially
if they are to many different addresses.  Perhaps the recipient mail servers
have flagged your ??@website.com as one of those "known" spam sources.

My understanding is that many mail servers will not allow mail to be sent
from their site via the typical Port 25, but insist that users who dial in
or connect from some other server use a different port (587?) for such mail.
Perhaps your website or its host has - or needs - such a policy so that a
stranger cannot send email "from" your website.

Now we are into this subject so far that I cannot even tiptoe that deep.
Winston and other posters here understand the inner workings of email much
better than I do.  So I will bow out and let them help you while I read and
learn along with you.  Good luck!

RC
--
R. C. White, CPA
San Marcos, TX
rc@grandecom.net
Microsoft Windows MVP (2002-2010)
Windows Live Mail 2011 (Build 15.4.3555.0308) in Win7 Ultimate x64 SP1



...winston replied to George Bell on 30-Jul-12 02:49 PM
RC provided a very thorough explanation of what probably happened.
- i.e. your web site email address is being used to send mail to a variety of
other valid or invalid email addresses by another source (usually with spam,
phishing or malicious intent)

In most cases, the sender has forged the headers of the email by replacing
the originating source with your email address as if it was sent from your
web site email address when it was actually sent from another
address/location.

The reason why you are getting 'undeliverable' replies.
- the destination email address hosting server rejected the email and
replied to the forged email address (i.e. yours)
- the destination email address hosting server has blocked emails from your
address due to a previous history (volume, content of emails, known
spam/phishing links within the email) of emails that caused the hosting
server to flag your email address as suspicious thus 'blocking' it thereby
rejecting all emails with an undeliverable reply.
- the destination email address hosting server does not recognize the
recipient email address as a valid email address/account on their server and
replies with an undeliverable response.

Once an address is being used by spammers it may be shared, distributed, or
sold to other sources.

Attempting to stop the forging/use of the address is usually futile. Time
may be the only solution.

If your address or domain has been blacklisted by a recipient server and one
where you need to send legitimate emails, then it's incumbent upon you to
convince the postmaster at the recipient server to remove your address from
their blacklist but doing so may or may not be achievable.


--
...winston
msft mvp mail



Panic replied to ...winston on 30-Jul-12 08:04 PM
Winston.  If he went to his email site and changed his password would that
stop future spamming using his email address?


Good Guy replied to R. C. White on 30-Jul-12 08:26 PM
I would go for the longer, more-accurate version here.  Spammers are
pretty good at making up names and emails to send messages.  Hacking is
a very remote possibility.

Spammers do not need to hack these days because all they want is to send
their crap which they can easily do by using some public free wi-fi
connection.  For example, in London you get completely free Wi-fi
because of London2012 Olympics so why would anybody bother to hack
anybody's email account?

Also, most ISPs these days have a limit on how many messages can be sent
per day.  I cannot send more than 100 messages a day so spammers will not
benefit from using my username and my ISP's servers.

--
Good Guy
Website: http://mytaxsite.co.uk
Website: http://html-css.co.uk
Forums: http://mytaxsite.boardhost.com
Email: http://mytaxsite.co.uk/contact-us
...winston replied to Panic on 31-Jul-12 02:44 AM
The op should change his password (in fact a good idea to do it regularly
even in the absence of any suspicious activity).

The answer to your question (based on the info the op provided) is....No
The op already stated:
They are not being sent by me and do not appear in my sent mail box, however
they do all have the correct address of a website I own.

i.e. his address is being used (most likely falsified in the sent messages
headers) but his account is not being used.

You can easily see how this type of spamming or phishing works..look at the
properties/message source of some junk mail received in an email account.
Investigation more often than not will show a fake sending address and an ip
from a different country or location.
Take a look at this piece of spam/phishing example
http://liveunplugged.wordpress.com/2012/05/21/phishing-in-the-microsoft-windows-live-hotmail-pond/

The email attempts to obtain info from a hotmail account user. Not
identically the same as the op's problem but illustrative of false headers,
fake source, fake domain, fake ip location.
The email message source provides a variety of clues:
Received from an ip address in Australia and Macedonia from
musicalternatives.com with an unsubscribe option to a www.twitter listserver
and a fake domain return path address (curoteca.net) and with an active
link (in the email) that directs one to a French travel site.


--
...winston
msft mvp mail
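
Added example (not part of any poster's reply in this thread): one way to answer the question raised above, whether a bounced message really passed through your own mail host or only carried your address in "From:", is to read the copy of the original that the bounce returns. Assumptions: the bounce attaches the full original as a message/rfc822 part, `OWN_RELAYS` is a placeholder for your host's outbound addresses, and the sample bounce with its names and IPs is constructed.

```python
import email
import ipaddress
import re
from email import policy

# Assumption: address range your own host sends mail from (constructed value).
OWN_RELAYS = [ipaddress.ip_network("192.0.2.0/28")]

# Constructed bounce (DSN); all names and addresses are illustrative only.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: qzxv17@example.com
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

User unknown.
--b1
Content-Type: message/rfc822

Received: from mail.example.com (unknown [203.0.113.77])
    by mx.recipient.example; Mon, 30 Jul 2012 08:00:00 +0000
Received: from localhost ([192.0.2.5]) by mail.example.com; Mon, 30 Jul 2012 07:59:00 +0000
From: qzxv17@example.com

body
--b1--
"""

def classify(bounce_text):
    """Return (verdict, connecting_ip, forged_from) for one bounce."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    inner = next((p.get_payload(0) for p in msg.walk()
                  if p.get_content_type() == "message/rfc822"), None)
    received = inner.get_all("Received", []) if inner is not None else []
    # Only the top Received line was written by the server that bounced the
    # mail; the lines below it arrived with the message and can be forged.
    m = re.search(r"\[([0-9A-Fa-f:.]+)\]", str(received[0])) if received else None
    if m is None:
        return ("undetermined", None, None)
    try:
        ip = ipaddress.ip_address(m.group(1))
    except ValueError:
        return ("undetermined", None, None)
    ours = any(ip in net for net in OWN_RELAYS)
    return ("sent-via-own-server" if ours else "forged-elsewhere",
            str(ip), str(inner.get("From", "")))
```

In the sample, the lower Received line claims an address inside `OWN_RELAYS`, yet the verdict is "forged-elsewhere" because only the line stamped by the bouncing server is trusted. A "sent-via-own-server" verdict is the case where a password change and a check of the site's mail scripts are warranted.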


