Unoffical empeg BBS

#313182 - 26/08/2008 08:37 Tons of spam the last few day
petteri
addict

Registered: 02/08/2004
Posts: 434
Loc: Helsinki, Finland
Has my e-mail account been hacked? I've been getting anywhere from 30 to 60 of these types of things the last few days:

Quote:
This is the mail system at host noc.ntu-kpi.kiev.ua.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<dew@pma.ntu-kpi.kiev.ua>: host pma.ntu-kpi.kiev.ua[10.255.14.1] said: 550
5.1.1 <dew@pma.ntu-kpi.kiev.ua>... User unknown (in reply to RCPT TO
command)
Reporting-MTA: dns; noc.ntu-kpi.kiev.ua
X-Postfix-Queue-ID: EAB77EF9FF
X-Postfix-Sender: rfc822; MY EMAIL ADDRESS WAS HERE
Arrival-Date: Tue, 26 Aug 2008 05:04:15 +0300 (EEST)

Final-Recipient: rfc822; dew@pma.ntu-kpi.kiev.ua
Original-Recipient: rfc822;dew@pma.ntu-kpi.kiev.ua
Action: failed
Status: 5.1.1
Remote-MTA: dns; pma.ntu-kpi.kiev.ua
Diagnostic-Code: smtp; 550 5.1.1 <dew@pma.ntu-kpi.kiev.ua>... User unknown
Received: from mta5.srv.hcvlny.cv.net (mta5.srv.hcvlny.cv.net [167.206.4.200])
by noc.ntu-kpi.kiev.ua (Postfix) with ESMTP id EAB77EF9FF
for <dew@pma.ntu-kpi.kiev.ua>; Tue, 26 Aug 2008 05:04:15 +0300 (EEST)
Received: from ool-18bf9629.edu.static.optonline.net
(ool-18bf9629.dyn.optonline.net [24.191.150.41]) by mta5.srv.hcvlny.cv.net
(Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007))
with SMTP id <0K660036KMGN2S01@mta5.srv.hcvlny.cv.net> for
dew@pma.ntu-kpi.kiev.ua; Mon, 25 Aug 2008 22:02:52 -0400 (EDT)
Date: Mon, 25 Aug 2008 22:03:05 -0700
From: MY EMAIL ADDRESS WAS HERE
Subject:
=?Windows-1251?Q?i_CRM_-_=F1=E8=F1=F2=E5=EC=ED=E0=FF_=F0=E0=E1=EE=F2=E0_=F1_=EA=EB=E8=E5=ED=F2=EE=EC._?=
To:
=?Windows-1251?Q?=CC=E8=F5=E0=E8=EB_=C1=EE=E3=F3=F1=EB=E0=E2=EE=E2=E8=F7_=CA=F0=E5=F7=E5=F2=EE=E2?=
<perryshelton@earthlink.net>,
=?Windows-1251?Q?=C3=E5=ED=E0=E4=E8=E9_=C8=E2=E0=ED=EE=E2=E8=F7_=D8=E0=F2=F3=F5?=
<perryshelton@earthlink.net>
Message-id:
<000b01c906fe$59dff880$2996bf18@ool-18bf9629.edu.static.optonline.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
Content-type: text/plain; charset=windows-1251
Content-transfer-encoding: 8BIT
X-Priority: 3
X-MSMail-priority: Normal

#313183 - 26/08/2008 09:03 Re: Tons of spam the last few day [Re: petteri]
Schido
enthusiast

Registered: 29/03/2005
Posts: 364
Loc: Probably lost somewhere in Wal...
Your email address is probably on a spammer's list or CD.
They use those addresses for fake headers too.
_________________________
Empeg Mk1 #00177, 2.00 final, hijack 4.76

#313184 - 26/08/2008 10:32 Re: Tons of spam the last few day [Re: Schido]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12318
Loc: Sterling, VA
For some reason in the past few days GMail has not filtered out a couple hundred obvious spam messages. I have no idea how their spam filters work, but apparently the "Report as Spam" button is utterly useless. Every message has either "poker" or "debt" in the subject, and they look very similar otherwise. Their algorithms must not be terribly good. A while back I was getting hundreds of Viagra spam, which I would think would be a no-brainer for spam filters.

I hate to create filters on the off chance that someone sends me legit mail that happens to contain certain words in the subject.
_________________________
Matt

#313187 - 26/08/2008 12:23 Re: Tons of spam the last few day [Re: Dignan]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14483
Loc: Canada
In this case, one could just toss everything incoming from *.ua

#313194 - 26/08/2008 14:01 Re: Tons of spam the last few day [Re: mlord]
lectric
pooh-bah

Registered: 20/01/2002
Posts: 2085
Loc: New Orleans, LA
Every few days, I check the mail logs, check the biggest spammers, and drop the entire B or C class at my firewall. Works wonders.

#313202 - 26/08/2008 16:10 Re: Tons of spam the last few day [Re: petteri]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
What you're seeing is backscatter from other spam attempts. The spammer is forging your email address in the "from" field, sending that to other people, and those servers are barfing back at you. I had several days of this, at one point. Then it up and stopped. I'm guessing that the spammers pick one email address and use it just long enough to get stuff through before it's considered "burned" and then move on to the next one.
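
A way to test this explanation against an actual bounce, as an added example that is not part of the original thread: parse the delivery report and check whether any relay in the returned message's `Received` chain belongs to your own mail provider. The sample DSN, `classify_bounce` and `my_relay_suffixes` are constructed for illustration.

```python
import email
import re

# Constructed sample DSN (RFC 3464 multipart/report), shaped like the bounce quoted
# in the thread; all hosts and addresses are reserved example values.
SAMPLE_DSN = """\
Content-Type: multipart/report; report-type=delivery-status; boundary="b"

--b
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; nobody@example.net
Status: 5.1.1

--b
Content-Type: text/rfc822-headers

Received: from relay.isp.example ([192.0.2.10]) by mx.example.net
Received: from host.dyn.isp.example ([198.51.100.41]) by relay.isp.example
From: victim@example.com

--b--
"""

HOST_RE = re.compile(r"\b(?:from|by)\s+([A-Za-z0-9.-]+)")

def classify_bounce(raw, my_relay_suffixes):
    """Return (status, hosts, verdict); my_relay_suffixes = your provider's relay names (assumed)."""
    status, hosts = None, []
    for part in email.message_from_string(raw).walk():
        ctype = part.get_content_type()
        if ctype == "message/delivery-status":
            # Parsed as a list of header blocks: per-message, then per-recipient.
            for block in part.get_payload():
                status = block.get("Status", status)
        elif ctype in ("text/rfc822-headers", "message/rfc822"):
            body = part.get_payload()
            returned = body[0] if isinstance(body, list) else email.message_from_string(body)
            for hop in returned.get_all("Received", []):
                hosts += [h.lower() for h in HOST_RE.findall(hop)]
    if not hosts:
        return status, hosts, "unknown"  # bounce carried no original headers
    ours = any(h.endswith(tuple(my_relay_suffixes)) for h in hosts)
    return status, hosts, "own-relay" if ours else "backscatter"

if __name__ == "__main__":
    print(classify_bounce(SAMPLE_DSN, [".mail.example.com"]))
```

Hops below the first relay you trust are written by the sender's side and can be forged, so an "own-relay" verdict means the message is worth investigating, not that the account was used.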

#313211 - 26/08/2008 18:51 Re: Tons of spam the last few day [Re: Dignan]
g_attrill
old hand

Registered: 14/04/2002
Posts: 1172
Loc: Hants, UK
I've found GMail (Apps) to be ok recently, although I've had a couple of false positives in the past week, but both were from the same sender, but their IT infrastructure (and company owner) is "quirky" to say the least, so I wasn't too surprised.

I did switch off catch-all a few months ago; I spent an evening going through various sites changing email addresses and adding aliases for those where it was impossible to change the address (hello? who designed this crap!). GMail was handling the spam ok, but the small (but significant) number of false positives is such that I need to manually browse the spam folder once a week, and catch-all was making it at least 5x as large.

#313213 - 26/08/2008 19:45 Re: Tons of spam the last few day [Re: g_attrill]
frog51
pooh-bah

Registered: 09/08/2000
Posts: 2091
Loc: Edinburgh, Scotland
I've had NO gmail spam for over 3 months now (well, there are about 1800 in the spam folder, but I don't worry about them!) and even before that there were about 2 per month tops.

I think Google do pretty well on this front, tbh.
_________________________
Rory
MkIIa, blue lit buttons, memory upgrade, 1Tb in Subaru Forester STi
MkII, 240Gb in Mark Lord dock
MkII, 80Gb SSD in dock

#313214 - 26/08/2008 21:21 Re: Tons of spam the last few day [Re: DWallach]
petteri
addict

Registered: 02/08/2004
Posts: 434
Loc: Helsinki, Finland
Originally Posted By: DWallach
What you're seeing is backscatter from other spam attempts. The spammer is forging your email address in the "from" field, sending that to other people, and those servers are barfing back at you. I had several days of this, at one point. Then it up and stopped. I'm guessing that the spammers pick one email address and use it just long enough to get stuff through before it's considered "burned" and then move on to the next one.


This is what I thought might be happening. As of today it does seem to have stopped. I also added a bunch to EarthLink's "spambuster" list.

As far as GMail goes, I almost never get spam in my in box there. The spam folder gets a lot, but I just scan that quickly and empty it from time to time.

#313226 - 27/08/2008 02:03 Re: Tons of spam the last few day [Re: petteri]
FireFox31
pooh-bah

Registered: 19/09/2002
Posts: 2494
Loc: East Coast, USA
You're lucky that you only get 60 of those backscatter/bounce messages a day. Somehow, an e-mail alias that I've never used started receiving those messages at a rate of 2 per minute, ~120 per hour. Thankfully, my system uses "maildropfilter", which I told to discard everything to that alias.

And the backscatter to this alias has not stopped for months. It's apparently some kind of new trick, I just don't see the point. Using my address to mailbomb every Russian server nonstop for a year?
_________________________
-
FireFox31
110gig MKIIa (30+80), Eutronix lights, 32 meg stacked RAM, Filener orange gel lens, Greenlights Lit Buttons green set

#313291 - 28/08/2008 16:43 Re: Tons of spam the last few day [Re: FireFox31]
canuckInOR
carpal tunnel

Registered: 13/02/2002
Posts: 3212
Loc: Portland, OR
Originally Posted By: FireFox31
It's apparently some kind of new trick, I just don't see the point.

It's not really a new trick -- they've been doing it for quite a while. The point of doing it is so that it's not the spammer themselves who has to get all the rejection or invalid address notices.

#313297 - 28/08/2008 17:08 Re: Tons of spam the last few day [Re: canuckInOR]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Originally Posted By: canuckInOR
Originally Posted By: FireFox31
It's apparently some kind of new trick, I just don't see the point.

It's not really a new trick -- they've been doing it for quite a while. The point of doing it is so that it's not the spammer themselves who has to get all the rejection or invalid address notices.

Another reason is that it's so the sender can have a valid-looking address. They used to just make one up or just provide some throwaway account but spam filters started blocking those. Their solution was to just pick some address at random from their own spam lists and then use that.
