Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spam Or Hackers?


  • Please log in to reply
5 replies to this topic

#1 greenlemon15

greenlemon15

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 29 April 2008 - 12:54 PM

Hello all. I am an IT guy and several of my customers have been getting weird emails lately. What makes them weird you ask, well these emails are failed delivery ones which seem odd since no one is at the machine or even in the office.

my first thought was the person just doesn't remember sending the email and typed the wrong address, well that isn't the case. This has begun to pop up on several more users, all at different companies. The email address seems to be real, I googled the address and they are real companies so my guess is someone has gotten into my server or the users machine and is using it to spam people. I am not sure what to do any ideas?

Here is a look at one of the emails.

From: System Administrator
Sent: Tuesday, April 29, 2008 7:30 AM
To: Melissa
Subject: Undeliverable: dvd Kick-up for sjammer

Your message did not reach some or all of the intended recipients.
Subject: dvd Kick-up for sjammer
Sent: 4/29/2008 5:57 AM
The following recipient(s) could not be reached:
sjammer@belcofp.com on 4/29/2008 8:23 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
<belco-mail.belcofp.com #5.1.1>

BC AdBot (Login to Remove)

 


#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:12:59 AM

Posted 29 April 2008 - 01:08 PM

are your customers on a network or on independent machines?

if independedt? my suggestion is that the users will need to check out their own machines with appropriate toos assuming each and every one of them is properly protected?

as to your server, what protection is supposed to be on it ?

also, have any of the customers noticed 'odd behaviour' or unusual behaviour on their computers?

however a google search produces http://www.google.co.uk/search?hl=en&q...earch&meta=

?????

#3 greenlemon15

greenlemon15
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 29 April 2008 - 01:17 PM

These machines are on Networks running SBS 2003. Trend Micro is the Antivirus. And one of them uses MX Logic to filter their emails so spam shouldn't get through. As for the odd behavior none has been reported so far.

#4 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:12:59 AM

Posted 29 April 2008 - 02:39 PM

this article

http://www.microsoft.com/windowsserver2003/sbs/default.mspx may be of use to/for you ?

bear in mind I for one have NEVER used it so cannot vouch for it

I also think this thread needs moving to a more appropraite section

#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:07:59 PM

Posted 29 April 2008 - 04:38 PM

The simple answer is:
The email addresses have been spoofed. A very common practice for spammers. They basically "borrow" someone elses address for a short time, thus making it appear that you sent the messages. Some mail gets through to inboxes, others fail because the address are not valid.
There really isn't anything you can do-just wait it out, as the spammers generally don't use an address for long. It technically isn't spam-what is sent to others in your name is, but the bounce back messages aren't. They come to you because it was sent by someone using your email address.
It is no different than me sending someone a snail mail, and using your home address as the return address.

Of course, infection is a possibility, either on any of your machines or the computer of someone who has you in his/her address book.

Edited by Queen-Evie, 29 April 2008 - 04:46 PM.


#6 greenlemon15

greenlemon15
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 30 April 2008 - 01:31 PM

Thanks guys. Until I find a definite answer waiting it out seems to be the only choice I have. We are going to play with the spam filters to try to tighten it up a bit. I'll let you know if anything changes.

Edited by greenlemon15, 30 April 2008 - 01:34 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users