Alleged *Mail Delivery Failed* messages
bellgamin
03-08-2003, 03:47 PM
Lately I've been getting a lot of messages that purport to have been undeliverable messages that I sent. However, I sent none of those messages.
The following is a typical example of these messages...
The "From" says the notice of the bounce is coming from "mailer-daemon@inetsrv5gahost.com"
The bounce notice says...
"This message has been rejected because it has
a potentially executable attachment "Boekenlijst2.eml"
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it."
The body of the message is filled with line after line of garbage like the following...
MMwH0A0ogO7
Most often these bounce messages are 40 or more kbytes, whereas it is my policy NEVER to send messages longer than 15k. Also, I never send attachments with my messages. Never!
Mailwasher grabs these for me. [My email client is set never to download messages greater than 30k.] Ergo, I simply delete them on server - no big deal. But they're getting to be an annoying recurrence. Moreover, they have aroused my curiosity.
Does anyone have a theory as to what all this nonsense is in pursuit of? Am I the only *lucky* fellow who is receiving this species of internet feces?
shaloha.........bellgamin
admin
03-08-2003, 04:23 PM
What you are showing above is a message that was rejected because it contained an attachment type that was not permitted by the mail system. In this case it was an .eml file, which is a forwarded email message.
bellgamin
03-08-2003, 04:45 PM
Originally posted by admin
What you are showing above is a message that was rejected because it contained an attachment type that was not permitted by the mail system. In this case it was an .eml file, which is a forwarded email message.
Yes, Danny, but my point is that I never sent or forwarded ANY such messages as are illustrated by the example. Also, there have been quite a number of these types of bounces -- I just showed a single example. Also, the very odd coding in the body of the message, & the alleged enclosure of a virus -- your comment didn't touch on any of these mysteries.
In other words, I doubt that this is just a routine rejection of a message that "contained an attachment that was not permitted" -- are you implying that I actually did send this message? I did NOT!!!!
admin
03-08-2003, 05:21 PM
I am not implying it....the email message is. I was just explaining what the message was and why it was generated to the benefit of the other people on the board. Please forward me the next one you get along with the headers.
Gade Terbob
03-08-2003, 06:17 PM
That Bellgamin's email address was "hijacked"?
I received about 50 of these, not the "eml attachment" but the undeliverable email daemon referring to addresses I've never sent mail to in my life! I assumed then that some spammer had used my email to send his spam, hoping to avoid responsibility.
:angry: :angry: :angry:
admin
03-08-2003, 06:25 PM
It's possible Gade, we had another user whose address got hijacked by a spammer and was getting thousands of bounces...the bad thing is, there is not really much we can do about it.
Gade Terbob
03-08-2003, 06:27 PM
I've since "obfuscated" the email links and haven't had a problem since then.
bellgamin
03-08-2003, 09:58 PM
Originally posted by Gade Terbob
I assumed then that some spammer had used my email to send his spam, hoping to avoid responsibility.
Gade- Someone can, I have been told, spoof your email address. However, he cannot actually & truly send mail from your email account unless he has your password & user name.
By the way, I would appreciate learning your techniques for obfuscation, if it's not too much trouble.
Originally posted by Admin
I am not implying it....the email message is. I was just explaining what the message was and why it was generated to the benefit of the other people on the board. Please forward me the next one you get along with the headers.
Uhhh -- how many of these things do you want me to forward? I got over a dozen just a few minutes ago [I erased all the previous ones.] In addition to bounces purporting to originate with your servers, I am also getting bounces from "mailer-daemon@yourhostingaccount.com". Ditto "mailer-daemon@aol.com". Ditto FROM biblebell.org TO biblebell.org.
Here's the body of a message that purports to be from *me to me*...
^^^^^^^^^ h1h2P ASHHgQe1CJKHPJ_HaJmHnHsHtHAkW[WBiBhhgQe4l4a k qnUMyJulien Yin8`UnknownG Times New Roman5Symbol3 ArialCefPMingLiU 1hkk] 2 t 13468BDOPQRTUVWZ\^\]d[ 5 579ACY[][3HJulien YinJulien YinOhl4 LT\dssJulien YinuliuliNormalYJulien Yin1liMicrosoft Word 1X`pxSOHOOfA Root EntryFData1Ta
IMHO at least some of this garbage [or maybe even ALL of it] isn't the work of a spammer, but rather of a malicious person. To wit - two of the bogus emails, with subj: "Microsoft word" are reported by mailwasher as having viruses.
shaloha......bellgamin
Gade Terbob
03-08-2003, 10:21 PM
Sure, Bell. What little knowledge I have I gladly share. Go to this link:
http://alicorna.com/obfuscator.html
Scroll down and type in your email address. Press the "click to obfuscate" button. Copy the code generated and put in place of your pages' email link.
The Google search for the words email obfuscator produced over 8000 hits. I think this was a problem solved for me before I knew it was a problem!!
Good luck!!
bellgamin
03-08-2003, 11:00 PM
Thanks Gade. Great link. Clever little trick. It uses the ASCII codes for your email address. Now that I know how to do it, I can obfuscate even if that link stops the service.
Again........thanks. And very good luck to you, too.
bellgamin
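Added example (not part of the post above, and not the linked obfuscator's own code): the ASCII-code trick bellgamin describes, sketched in JavaScript. The function names and the address webmaster@example.org are constructed for illustration, and the linked tool's exact output may differ.

```javascript
// Encode every character as an HTML decimal character reference (&#NNN;),
// where NNN is the character's ASCII/Unicode code point.
function toEntities(text) {
  return Array.from(text, (ch) => `&#${ch.codePointAt(0)};`).join("");
}

// Build a mailto link whose href and visible text contain no literal address.
function obfuscateMailto(address) {
  const href = toEntities(`mailto:${address}`);
  return `<a href="${href}">${toEntities(address)}</a>`;
}

// What a browser does before rendering: turn decimal references back into
// characters, so visitors still see and can click a normal address.
function decodeEntities(html) {
  return html.replace(/&#(\d+);/g, (_, code) =>
    String.fromCodePoint(Number(code))
  );
}

// A scanner that only pattern-matches raw page source for name@domain.
function findPlainAddresses(source) {
  const pattern = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
  return source.match(pattern) || [];
}

const sample = "webmaster@example.org"; // constructed sample address
const link = obfuscateMailto(sample);

console.log(link);
// The raw source contains no literal "@", so the pattern finds nothing.
console.log(findPlainAddresses(link));
// After entity decoding the address is back in the clear.
console.log(findPlainAddresses(decodeEntities(link)));
```

Entity decoding is what every browser does, so this encoding hides the address only from tools that read the raw page source without decoding it.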
Gade Terbob
03-08-2003, 11:17 PM
Care for a rather disheartening thought?
I just did a Google search on the words email harvester. Would you believe that there were over 81,900 hits? In other words, there are 100 times as many sources that want to steal my email address than there are sources to help me hide it.
Rodzilla
03-09-2003, 01:21 AM
It's probably klez. Klez spoofs everything, which really leads to confusion as nobody can tell who has the virus or not.
bellgamin
03-09-2003, 03:55 PM
Originally posted by Rodzilla
It's probably klez. Klez spoofs everything, which really leads to confusion as nobody can tell who has the virus or not.
Too true, Rod. That's why I no longer use Mailwasher's ability for bouncing bad stuff back to the sender. Why? Because the senders are usually innocent victims, as well.
By the way, if, as you say, Klez spoofs everything, how can I get it to spoof me up a 19 year old redhead with hazel eyes & a killer figure?
regards.......bellissimo :karate:
Gade Terbob
03-09-2003, 06:44 PM
Bell, I certainly don't mean to offend, but.... you chasing a 19 year old would be like a dog chasing a car. What would he do with it if he caught it??
bellgamin
03-09-2003, 09:24 PM
Originally posted by Gade Terbob
Bell, I certainly don't mean to offend, but.... you chasing a 19 year old would be like a dog chasing a car. What would he do with it if he caught it??
Yeah, old age DOES have its disadvantages. On the other hand, I don't care much for the alternative, either. :p
If I had known I was going to live this long, I would have taken better care of myself.
aloha......bellissimo
Gade Terbob
03-09-2003, 10:10 PM
Double Ditto, here.
I know I'm already about twice as old as I ever thought I'd be!!
Geonious
03-23-2004, 03:02 PM
Below is a link that I hope will help with your situation:
http://securityresponse.symantec.com/avcenter/venc/data/vbs.bryon@mm.html
:chainsaw:
Geonious
03-23-2004, 03:06 PM
Bell, I certainly don't mean to offend, but.... you chasing a 19 year old would be like a dog chasing a car. What would he do with it if he caught it??
Hey!! Just because there's snow on the roof, doesn't mean the chimney can't smoke!!! :hatpimp:
Bell, if you want a 19yr old.......GO FOR IT!!! Rock her world!! But make sure you Rock it hard!! ;)
Geonious
03-24-2004, 10:16 AM
I just confirmed that most of these types of emails contain the NetSky.p virus. NAV is catching the tainted emails. Hope this helps!!!