URGENT: Receiving spam email sent from myself!


B

Bobby Edward

During the past week I have been receiving ALOT of spam email from 2 of my
email addresses (custom domain - we'll call "MyDomain.com"). My dad called
and said he's also been receiving them too! (From mostly
(e-mail address removed).) I use webhost4life as my hosting & email company.
(mysite4now servers)

I did a thorough virus scan with Avast and found NOTHING. I did a thorough
spybot check and found NOTHING.

What should I do? How can I find out WHERE they are coming from and STOP
them????

Here's the email headers of the last 6 SPAMs....

Return-Path: <[email protected]>
Received: from ppp-58-9-28-41.revip2.asianet.co.th [58.9.28.41] by
mx249j.mysite4now.com with SMTP;
Thu, 18 Dec 2008 01:54:35 -0800
To: <[email protected]>
Subject: Discount ID: 4432
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-Rcpt-To: <[email protected]>
X-SmarterMail-Spam: Bayesian Filtering, SPF_None

Return-Path: <[email protected]>
Received: from ppp-58-9-28-41.revip2.asianet.co.th [58.9.28.41] by
mx249j.mysite4now.com with SMTP;
Thu, 18 Dec 2008 01:54:35 -0800
To: <[email protected]>
Subject: Discount ID: 4432
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: Bayesian Filtering, SPF_None

Return-Path: <[email protected]>
Received: from 87-97-201-153.2073138774.ddns-catv.pl.ekk.bg [87.97.201.153]
by mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 21:34:51 -0800
To: <[email protected]>
Subject: RE: Your inquiry
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from p578b56a0.dip0.t-ipconnect.de [87.139.86.160] by
mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 20:46:21 -0800
To: <[email protected]>
Subject: Delivery Status Notification (Failure)
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from 87-97-201-153.2073138774.ddns-catv.pl.ekk.bg [87.97.201.153]
by mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 21:34:50 -0800
To: <[email protected]>
Subject: We have found your lost message
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from p578b56a0.dip0.t-ipconnect.de [87.139.86.160] by
mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 20:46:21 -0800
To: <[email protected]>
Subject: Delivery Status Notification (Failure)
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral
 
Ad

Advertisements

D

DL

They are simply spam delete them, dont bother trying to find the spambot PC

Bobby Edward said:
During the past week I have been receiving ALOT of spam email from 2 of my
email addresses (custom domain - we'll call "MyDomain.com"). My dad
called and said he's also been receiving them too! (From mostly
(e-mail address removed).) I use webhost4life as my hosting & email company.
(mysite4now servers)

I did a thorough virus scan with Avast and found NOTHING. I did a
thorough spybot check and found NOTHING.

What should I do? How can I find out WHERE they are coming from and STOP
them????

Here's the email headers of the last 6 SPAMs....

Return-Path: <[email protected]>
Received: from ppp-58-9-28-41.revip2.asianet.co.th [58.9.28.41] by
mx249j.mysite4now.com with SMTP;
Thu, 18 Dec 2008 01:54:35 -0800
To: <[email protected]>
Subject: Discount ID: 4432
From: <[email protected]Domain.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-Rcpt-To: <[email protected]>
X-SmarterMail-Spam: Bayesian Filtering, SPF_None

Return-Path: <[email protected]>
Received: from ppp-58-9-28-41.revip2.asianet.co.th [58.9.28.41] by
mx249j.mysite4now.com with SMTP;
Thu, 18 Dec 2008 01:54:35 -0800
To: <[email protected]>
Subject: Discount ID: 4432
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: Bayesian Filtering, SPF_None

Return-Path: <[email protected]>
Received: from 87-97-201-153.2073138774.ddns-catv.pl.ekk.bg
[87.97.201.153] by mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 21:34:51 -0800
To: <[email protected]>
Subject: RE: Your inquiry
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from p578b56a0.dip0.t-ipconnect.de [87.139.86.160] by
mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 20:46:21 -0800
To: <[email protected]>
Subject: Delivery Status Notification (Failure)
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from 87-97-201-153.2073138774.ddns-catv.pl.ekk.bg
[87.97.201.153] by mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 21:34:50 -0800
To: <[email protected]>
Subject: We have found your lost message
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral

Return-Path: <[email protected]>
Received: from p578b56a0.dip0.t-ipconnect.de [87.139.86.160] by
mx249j.mysite4now.com with SMTP;
Wed, 17 Dec 2008 20:46:21 -0800
To: <[email protected]>
Subject: Delivery Status Notification (Failure)
From: <[email protected]>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-SmarterMail-Spam: SPF_Neutral
 
B

Brian Tillman [MVP - Outlook]

Bobby Edward said:
During the past week I have been receiving ALOT of spam email from 2 of my
email addresses (custom domain - we'll call "MyDomain.com"). My dad
called and said he's also been receiving them too! (From mostly
(e-mail address removed).) I use webhost4life as my hosting & email company.
(mysite4now servers)

I did a thorough virus scan with Avast and found NOTHING. I did a
thorough spybot check and found NOTHING.

What should I do? How can I find out WHERE they are coming from and STOP
them????

Here's the email headers of the last 6 SPAMs....

Never post real mail addresses in newsgroups. You invite even more spam and
viruses that way.

The header
Received: from ppp-58-9-28-41.revip2.asianet.co.th [58.9.28.41] by
mx249j.mysite4now.com with SMTP;

indicates that the message was routed through Thailand. The header
Received: from 87-97-201-153.2073138774.ddns-catv.pl.ekk.bg
[87.97.201.153] by mx249j.mysite4now.com with SMTP;

Indicates the message was routed through Bulgaria. The header
Received: from p578b56a0.dip0.t-ipconnect.de [87.139.86.160] by
mx249j.mysite4now.com with SMTP;

indicates the message was routed through Germany. There's no good way to
trace the real sender's origin. For situations like this, route filters
like that found in SpamPal (http://www.spampal.org/) are fairly effective.
 
Ad

Advertisements

F

Fuzzy Logic

During the past week I have been receiving ALOT of spam email from 2 of
my email addresses (custom domain - we'll call "MyDomain.com"). My dad
called and said he's also been receiving them too! (From mostly
(e-mail address removed).) I use webhost4life as my hosting & email
company. (mysite4now servers)

I did a thorough virus scan with Avast and found NOTHING. I did a
thorough spybot check and found NOTHING.

What should I do? How can I find out WHERE they are coming from and
STOP them????

Here's the email headers of the last 6 SPAMs....

[edited for brevity]

This may be of use:

http://www.cert.org/tech_tips/email_spoofing.html
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top