Failure to deliver email notifications


condor

Original Poster:

8,837 posts

248 months

Thursday 20th July 2017
Over the last few weeks I've been getting numerous failure to deliver email notifications that someone else is sending using my main email address. How concerned should I be that my email account is being used and how can I prevent it?
The email header says the culprit is
know_smtprelay-11-imp
though the number 11 has also been 10 and 9, it's just 11 appears more often than the other numbers.

Anyone able to advise please?
Thanks :)

sc0tt

18,039 posts

201 months

Thursday 20th July 2017
Can you post up the full NDR? Or pop it to me on email?

IanCress

4,409 posts

166 months

Thursday 20th July 2017
Is this a business email address or a personal one? If it's a personal one then there's not much you can do about it.
If it's a business one then I'd be concerned as you may find your domain being blacklisted. I'd recommend setting up an SPF record in DNS if you haven't done so already.

condor

Original Poster:

8,837 posts

248 months

Thursday 20th July 2017
Sorry but I don't understand the acronyms you're using. I delete the returned email notifications as soon as I get them - and they don't appear in my trash folder, whereas proper emails I've deleted are still there. It's my own personal email account that I've had from Virgin media since NTL days. The title notifier is
mailer-daemon@virginmedia.com
It then reads failure to send email to (various different email addresses)

SS2.

14,462 posts

238 months

Thursday 20th July 2017
NDR = Non-delivery report - aka 'bounce message'

SPF = Sender Policy Framework - created to prevent people from sending spoofed mails from addresses at your domain.

Howard-

4,952 posts

202 months

Thursday 20th July 2017
It may or may not be that your account is actually in use. It may just be what's called "backscatter" - a spammer spoofs the sender's address, sends it to a load of different recipients and there are NDRs/bounces, which go back to the spoofed address.

To be safe, change your email account password and enable 2-factor authentication if possible.
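
An added example (not part of any post in this thread) of checking a bounce for the distinction drawn above: it parses the NDR with Python's standard `email` package, lists the failed recipients, and reports whether the first hop of the attached original was an authenticated submission at your own provider. The sample bounce, the `isp.example` hosts and the helper name `triage_ndr` are constructed for illustration. A matching trace line is a hint rather than proof, because the earliest Received lines can be forged by whoever sent the message.

```python
import email
import re
# Constructed bounce (multipart/report, RFC 3464); every host and address is
# made up, and {received} is filled with one of the two trace lines below.
NDR_TEMPLATE = """\
From: MAILER-DAEMON@isp.example
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; relay.isp.example

Final-Recipient: rfc822; nobody@dest.example
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: {received}
From: user@isp.example

body
--b1--
"""
AUTHENTICATED = "from [203.0.113.7] by submit.isp.example with ESMTPSA; Thu, 20 Jul 2017 10:00:00 +0100"
SPOOFED = "from pc.invalid by mx.other.example with ESMTP; Thu, 20 Jul 2017 10:00:00 +0100"

def triage_ndr(raw, provider):
    """Return (failed recipients, True if the first hop of the bounced original
    was an SMTP AUTH session on a host under `provider`)."""
    msg = email.message_from_string(raw)
    failed, via_provider = [], False
    for part in (msg.get_payload() if msg.is_multipart() else []):
        ctype = part.get_content_type()
        if ctype == "message/delivery-status":
            # Payload is a list of header blocks: per-message, then per-recipient.
            for block in part.get_payload():
                if block.get("Action", "").strip().lower() == "failed":
                    failed.append(block.get("Final-Recipient", "").split(";")[-1].strip())
        elif ctype == "message/rfc822":
            hops = part.get_payload(0).get_all("Received") or []
            # Last Received header = first hop; ESMTPA/ESMTPSA (RFC 3848) mean SMTP AUTH.
            m = re.search(r"\bby\s+(\S+).*?\bwith\s+(\w+)", hops[-1], re.S) if hops else None
            if m:
                host, proto = m.group(1).lower(), m.group(2).upper()
                on_provider = host == provider or host.endswith("." + provider)
                via_provider = on_provider and proto in ("ESMTPA", "ESMTPSA")
    return failed, via_provider
```

A `True` result is the case for changing the password straight away and contacting the provider; `False` is consistent with backscatter from a spoofed sender address.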

Order66

6,728 posts

249 months

Thursday 20th July 2017
As others have said, you are a "victim" of backscatter. Your email address is being used in the "from" field when a spammer is sending out his spam. It generally doesn't mean that you have been compromised in any way, it is just an annoyance of the email system that you can effectively send email with any "from" address you like.

The spammer needs a "valid" email address to try and get past spam filters, so they look for ones like yours which don't have some level of validation of who sent it (the aforementioned SPF etc). SPF is a method of validating that an email came from an authorised source, but is generally only available if you are using your own domain name - from the sounds of it you don't own the domain for the email address you use, so this isn't an option open to you.

What can you do about it? Not a lot if you use an old email address that is effectively "owned" by a 3rd party. Maybe think about migrating to gmail or something similar, or ideally your own domain name/email address, but this requires a bit of technical nous to make it all work.

The big negative side-effect of all of this is that because your address is being used to send spam, you may find yourself being blacklisted and unable to send to some recipients. To check if this is likely, I find this a good tool: https://www.mail-tester.com/

condor

Original Poster:

8,837 posts

248 months

Friday 21st July 2017
Thanks for your help - it's of some comfort that it's not too bad to be overly worried about

Here's one I received earlier - I have never clicked the 'original message' attachment as I suspect it would be a virus of some sort.

This is the mail system at host know-smtprelay-10-imp.

I am sorry to have to inform you that your message, "Fwd: Fw: to Theresa Hopkins", could not be delivered to moon3goddess3@aol.com.

The remote mail system said;
550:5.1.1 <moon3goddess3@aol.com>: Recipient address rejected: aol.com

The original message is attached.

bitchstewie

51,187 posts

210 months

Friday 21st July 2017
Are you using your own domain? If so you definitely want to get SPF set up.

If you're using gmail or something similar they'll have done all that for you.

condor

Original Poster:

8,837 posts

248 months

Friday 21st July 2017
I don't have my own domain, this is my personal email account.
Should I report it to Virgin media, who has been my ISP for many years?

bitchstewie

51,187 posts

210 months

Friday 21st July 2017
I wouldn't, if it's ISP provided email there's not a lot you personally can do.

Honestly I'd look at moving to either something like gmail or buying a domain name and using that (with an SPF record) but that's because ISP provided email is usually st and a pain if you ever decide to change ISP.

condor

Original Poster:

8,837 posts

248 months

Friday 21st July 2017
I have a business gmail account and a hotmail account for any sites that want me to sign up that I'm not overly interested in.
My Virgin media account is used for private 'friend and family' type emails.

condor

Original Poster:

8,837 posts

248 months

Tuesday 22nd August 2017
One month later and still getting a load of these mail deliverer notifications - the max has been 22 in a short time frame (i.e. 2 mins in a day) I've had to delete.

Not sure if this is a coincidence or not, but my Amazon password has been reset by someone using my email account to reset it. I've had email notifications to ask me to reply with a number and then another to say it's been reset - which I have sent to their 'stop-spoofing@Amazon' account. Had an automated reply to say it's been passed to security to investigate.

Fortunately, I don't keep my credit card details held on my Amazon account. A sensible precaution to take nowadays.

TonyRPH

12,971 posts

168 months

Wednesday 23rd August 2017
An even more sensible step for accounts such as Amazon & Google +others is to enable two factor (or two step) authentication.

When you login, a code is sent to your phone, which you then enter on the 2nd step to verify the login.

Most of these methods can remember the device you are logging in from, so you don't need to go through the two step process every time, only when logging in from a new device.

This Amazon page explains it.

condor

Original Poster:

8,837 posts

248 months

Tuesday 19th September 2017
An update in case this will help anyone else.
My local area lost internet access for 2 days last week - I think now is a good time to ring retentions team and see what deals they can give me. I cite the fact there's currently no internet, and have all these spam emails. I'm passed to technical support who say they'll fix it.
Yesterday, I couldn't gain access to my email account as 'someone' had changed the password. I ring tech support again and my email account has been blocked due to the sending of spam messages.
All sorted for the time being now, but I'd advise it's a good idea to ring your ISP's technical support team as they can help if it's not your fault.