Receiving 100s of unexpected 'mail delivery returned' emails
Discussion
Morning,
In the last few days, I have been receiving many 100s of 'mail delivery returned' bounces for emails I have not sent.
Now I understand that this is often a virus, but what is puzzling me is that the returned emails are coming to postmaster@"mydomain".com, and this is not a mailbox that is valid in my domain. They are thus being routed to the default mailbox in my domain.
Standard Windows virus checker finds nothing, and I am assuming someone is somehow spoofing my postmaster@ email address as the sender, rather than a virus sending them from my PC.
Anyone got any ideas if I can do anything here, or how to double check it is not a local virus?
Thanks,
Martin.
In the last few days, I have been receiving many 100s of 'mail delivery returned' bounces for emails I have not sent.
Now I understand that this is often a virus, but what is puzzling me is that the returned emails are coming to postmaster@"mydomain".com, and this is not a mailbox that is valid in my domain. They are thus being routed to the default mailbox in my domain.
Standard Windows virus checker finds nothing, and I am assuming someone is somehow spoofing my postmaster@ email address as the sender, rather than a virus sending them from my PC.
Anyone got any ideas if I can do anything here, or how to double check it is not a local virus?
Thanks,
Martin.
Thanks for the replies all, and my apologies for the delayed reply. I wanted to see what worked before reporting back so it may help others in future.
Alas the solution is not yet clear. I called my hosting provider (123-Reg), and they confirmed that they were seeing lots of spam traffic from my domain. So, I changed the passwords. This has slightly reduced, but not actually stopped the returned bounce emails - now 24 hours later.
So, I think either droopsnoots suggestion that they are simply using my domain as the 'from' address is correct, or there is a lag on the destination email servers processing the mail returns and it will stop completely shortly, once the password change effect comes in.
Juice's suggestion about DKIM/SPF sounds intriguing, and I need to do a lot more reading to understand this more. Looks like 123-Reg are happy to implement this, but looks like I need to somehow procure a provider for a DKIM record - all new to me.
Martin.
Alas the solution is not yet clear. I called my hosting provider (123-Reg), and they confirmed that they were seeing lots of spam traffic from my domain. So, I changed the passwords. This has slightly reduced, but not actually stopped the returned bounce emails - now 24 hours later.
So, I think either droopsnoots suggestion that they are simply using my domain as the 'from' address is correct, or there is a lag on the destination email servers processing the mail returns and it will stop completely shortly, once the password change effect comes in.
Juice's suggestion about DKIM/SPF sounds intriguing, and I need to do a lot more reading to understand this more. Looks like 123-Reg are happy to implement this, but looks like I need to somehow procure a provider for a DKIM record - all new to me.
Martin.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff