It Wasn't Me, Promise! 🙁

I received hundreds of e-mail messages this morning, some from folks wanting to know why I was sending them infected messages, and the others bounce notifications sent because mail servers had rejected mail I had sent because of bad attachments. The problem? I did not send the mail, nor did my computer send them without me knowing. This has been going on for a while, it seems that my personal e-mail address has become popular with several spammers. It has gotten so bad that a few days ago I received a bounce e-mail from AOL listing hundreds of invalid addresses to which my mail could not be delivered. The mail was porn spam, and if that many failed I am sickened at how many might have been delivered, claiming to be from me. I had AOL forward some of the messages to me so I could see the headers, the sender is definitely me, but the servers that the messages were submitted from were not mine at all. This is all very aggravating, especially as there is absolutely nothing I can do about it at all. Fun fun fun. Has anyone else had to deal with this before? If so, please share your thoughts.

10 responses to “It Wasn't Me, Promise! :-(”

  1. Ray Avatar

    I’ve had something similar happen although not at that scale. When I worked at AOL I worked with AOL’s online volunteers who were targets of the wannabe hackers who infest the AOL service. They would spoof email addresses in an attempt to steal volunteers AOL accounts. Spammers consistently spoof email addresses and email headers in an attempt to "fool" AOL’s spam blocking technology.

  2. kellan Avatar

    Are you sure its spammers using your address? In the last few days the SoBig virus has surged again with the standard M.O. of pulling both From: and To: address from the infected computers addressbook, and cached web pages.
    I woke up to a pine inbox full of messages suggesting I upgrade my outlook install, including numerous bounces from messages claiming to have been sent from the various lists I admin.

  3. Ben Forta Avatar
    Ben Forta

    kellan, no, I am not sure it is spammers, but the mail that has been generated is not the SoBig mail, it is good old advertising (at least in the AOL case), ads for porn sites and mail body part enlargements (amongst other things).

  4. Nathan Dintenfass Avatar
    Nathan Dintenfass

    Between Klez, SoBig, and spammer spoofing I see an unbelievable amount of this every day. Most of it comes through a non-profit I run where the email addresses are all over the web.
    The people who write these viruses and do this kind of spamming make me understand what drives people to vigilante justice.
    There really is nothing that can be done about it other than try to explain over and over that it’s through absolutely not fault of your own that it happens. Unfortunately, you’ll never even get the chance to explain it to most people.

  5. Peter Tilbrook Avatar
    Peter Tilbrook

    That’s interesting – and unfortunate – if not dang annoying!
    I am not running ANY anti-virus software at the moment. I protect my PC with ZoneAlarm Pro and MailWasher Pro and do NOT maintain an address list anywhere on my PC (including Outlook) and have not been affected (yet) by the Blaster or the latest virus.
    Can’t explain it really. I might put NAV 2003 on right now just to make sure I’m clean however.

  6. John Oconnor Avatar
    John Oconnor

    my sons AOL account did the same thing a year back , we actually had to delete the account and create a new one because a remote server was linked to his email and periodically sending out this nastiness to a multitude of users.
    You could always set up a web based mail account to prevent it from happening again.
    As far as spammers go i have a great link on my php page that sends the bot to a page containing over 200 false emails , by the time it leaves the page the server is so full of unusable email addys the files all have to be deleted ….

  7. Don Avatar

    So don’t you think CFMX 6.1’s spam emailing capabilities work well? I bet you could send a million porn spams out in an hour.

  8. Ben Arledge Avatar
    Ben Arledge

    This has happened to me as well, although not on a regular basis. I haven’t got a clue what to do about it either. I wonder if you could get authorities involved in tracking down these *bleep*ing bastards, as someone is clearly (and illegaly) impersonating you.

  9. tfelice Avatar

    Along with many others, I too have had this happen. Having a public email address is much too tempting, and for someone of your fame, hard to resist. In my case, it was a fellow employee spoofing mail to the boss, which was pretty easy to prove, once I found out about it. I don’t have any experience with the scope you describe.
    Mr. O’Connells spidertrap is a nice prophylactic approach. I too, tried that, I was auto-generating 100 per page with a link at the bottom to the next 100, ad infinitum. I quickly realized that, while fun, it couldn’t stop spammers from sending messages to and from me.
    Also, after a bit of research into email worms, I took some advice just to be on the safe side. I set up fake addresses at the top and bottom of my alpha-ordered contact list, and recommended the technique to everyone I came in contact with. Although I don’t know if the technique is still useful, Nimda-era worms choked on bad addies. I realized that this would not allow me to stop the spam.
    Although I loved my email address, I had to let it go. I set up a new one, and held it very close to my vest. I no longer include even JS-encrypted links to contact me. For someone who has never received an email from me, the only way for them to do it on the web is through a form. This really does help filter out the frivolous things, and I can honestly say that in the last year and a half with my current address, I have not had more than one spam a week.
    But this still leaves the current problem. Anyone can forge anyone’s email address. I am going to echo Ray’s thoughts that many current ISPs try to filter spammers that do not use legitimate addresses. This may have been my million-dollar idea, but here it goes- would it be possible to cloak your email address? I know it is very possible to request validation from the mail server, so it must, therefore, be possible to have your mail server think you’re not home.
    PS: Ben, if you know of any good tutorials about how to create a mail-sniffer in CF, I would love to know.

  10. Scott Straley Avatar
    Scott Straley

    Recently I had this happen with my Yahoo! email account. Now, I was certain I didn’t send out hundreds of email from my Yahoo! email account urging people to purchase Viagra(tm) online. I ended up telling Yahoo! that the bounced mail messages themselves were spam and blocking the sender. Now I get a trickle of email into my account and the rest goes into my Bulk folder.
    I think the who SMTP/POP protocol is outdated and needs a serious overhaul. Especially now, in the post 9/11 world, we need to be able to track email senders. I’m all for privacy, but email is on the verge of becoming obsolete because of the spam abuses. I have several email accounts which are just spam collectors, and I have to keep moving on. If someone says, I emailed it to your old account, I have to go and wade through hundreds of spam messages in my trash bin to find their message.
    Ahhh… the joy.
    ~ Scott

Leave a Reply