grumpyolddude

Started yesterday afternoon (1/21/08), my grumpyolddude email address has been inundated with "delivery failure" and "bulk mail blocked" messages.... about a dozen yesterday... I woke up ro about 75 more, and they're still coming in... approaching a hundred. Nine more as I typed this.

I do not recognize any of the addressees. My "sent" mail shows no evidence that I sent the emails, but the data shows my email as the return address.

I've sent an abuse report to ATT/Yahoo, but I'm hoping someone here could offer some advice on other action I can take, short of closing the account and starting with a new ID. I fear that I'm on the verge of being labelled a spammer, while nothing could bve further from the truth.

Help me Obi Wan... You're my only hope!

merleniau

Have you changed your password yet?

__________________
"Without passion man is a mere latent force and possibility, like the flint which awaits the shock of the iron before it can give forth its spark."
— Henri-Frédéric Amiel

ratbastid

It happens. Your account hasn't been hijacked per se, but your email address has been used as the "From" or "Reply-To" address on a spam mailing. So all their bounces come to you.

They didn't have to get into your account or send those mail from anything to do with you--they literally filled in a field in THEIR mass-email program with YOUR email address. So you're not hacked or hijacked or in any real trouble except that you're in line for a whole lot of bounced email coming to you.

It's very irritating, but it happens, and it ought to be over fairly soon.

Martian

ratbastid is right. It's a spoofed header and there's probably nothing you can do about it. It's a nuisance, but you just have to ride it out.

__________________
Some will win, some will lose
Some were born to sing the blues
Oh, the movie never ends
It goes on and on and on and on

- Journey, Don't Stop Believein'

grumpyolddude

I appreciate the quick responses!

I trust you guys, and I'll try to be patient and ride it out. It's a relief that I won't have to shut down my email. I've been Grumpy for a long time, and intend to stay that way!

Now, get off my lawn, damn kids!

Cynthetiq

yeah it happens to people from time to time, it's looks like it was your turn in the barrel.

__________________
I don't care if you are black, white, purple, green, Chinese, Japanese, Korean, hippie, cop, bum, admin, user, English, Irish, French, Catholic, Protestant, Jewish, Buddhist, Muslim, Indian, cowboy, tall, short, fat, skinny, emo, punk, mod, rocker, straight, gay, lesbian, jock, nerd, geek, Democrat, Republican, Independent, either you're an asshole or you're not.

grumpyolddude

The notice count just blew past 150!

Now it's gonna get interesting watching how many I receive.
(Jeez, I need a life!)

BTW: is anyone here interested in 60% off Top Designer Shoes, by Gucci, Dior, Prada, Chanel and more.....?

God of Thunder

It still wouldn't hurt to change your password.

Although, as usual, Ratbastid is probably right.

__________________
I reject your reality, and substitute my own

-- Adam Savage

twistedmosaic

Haha, I used to spoof support@aol.com emails to my friends back when I was 12 to get them to change their AIM password.

Anyways, if there's any sort of common thread in the bounced responses, (the words 'invalid' or 'not found' or the subject line) just set up a filter to either delete them or dump them in your spam filter, and then ignore.

__________________
☻☻☻☻☻☻☻☻☻☻
☻☻☻☻☻☻☻☻☻☻
☻☻☻☻☻☻☻☻☻☻
☻☻☻☻☻☻☻☻☻☻

grumpyolddude

Yep, password is new.

180+ and counting!

allaboutmusic

The world needs an email protocol that verifies senders.

ratbastid

Well, but how WOULD you verify senders? You going to double email bandwidth around the world and make every receiving SMTP server check the putative SMTP server of the "From" and "Reply-To" addresses and make sure they're deliverable? SMTP is designed to be a stateless, connection-time protocol. In theory, I should be able to take my SMTP server offline immediately after dispatching an email and it should get there fine.

And even if you were willing to do that, verifying the deliverability of an email address wouldn't help in this situation. It's the deliverability of that address that's the problem! So... Every email now needs to be MANUALLY checked with the actual person who sent it? That's secure, but imagine... if I sent you an email, and a few moments later when your SMTP server received it, it sends me a message to verify that I really was the one sending it. I then need to reply to that... Somehow it needs to trust that that message really did get to ME and not somebody PRETENDING to be me....

There's really NO good way to do this--every solution is a compromise on some level. Things like real-time blacklists and Bayesian filtering eliminate a whole lot of spam. Since I switched to routing all my mail through Gmail, I haven't seen much spam at all--and I've had my main address for six or seven years. My Gmail spam folder catches anywhere from 80 to 250 spams a day that I never have to see or deal with. Seems like that's an adequately good tool, to me. It doesn't save me from being spoofed as the sender of spam, but a simple filter will keep those from being annoying as well.

Jinn

Thank you rat, I was half way through a similar post when I gave up..

__________________
If you struggle with something your entire life, try harder.
Awareness without action is worthless, and failure is not an accident.

Redlemon

Well, isn't the current spam levels something like 90% of the email bandwidth? That should result in a bandwidth savings after a month or so.

__________________
I can't read your signature. Sorry.

ratbastid

Okay, maybe so... But that's only the beginning of the technical hurdles. I refer you to the rest of my post.

Actually, last I heard spam is down worldwide. It's still the majority of mail volume, but it's down from the 90% it used to be.

Xazy

I was going to ask why you keep emailing me about viagra, and penis enlargers.

allaboutmusic

I'm not a technical person and know nothing about the SMTP protocol (presumably it uses relaying rather than direct communication?), I'm sure there are technical hurdles, but a solution would be awesome.

grumpyolddude

I didn't realize that you were on my "targeted advertising" list

The trash count blew past 1000 early this afternoon... that's just the ones that got past the filters I set up.

blahblah454

Holy crap grumpy. Hope this gets kicked fast.

spindles

The only real problem with filtering the bounce messages, is that you will also filter out any REAL bounce messages as well. When you get a real one of these, you really want to get it...

On a side note - testing for validity by re-checking the originating server would be a pain - I have 4 different email addresses and (generally) use the local mail server to send (by and large ISPs don't require authentication on their mail servers when you are 'inside' that ISP). So while I regularly use two different mail servers to send, neither of them are the incoming mail server of my main email address. Bloody hard to verify that kind of thing...

__________________
who hid my keyboard's PANIC button?

ratbastid

Absolutely. I'd set up a filter to catch something unique about the bounces--given they're spam, they'll all say the same things and it should be easy to find a spammish phrase to catch them on.

Absolutely. SMTP is the single most ad-hocked protocol there is. I can't tell you how many conversations I've had with local techs about "how they do email here". There are myriad ways to set it up, and they're all more or less "right".

grumpyolddude

Round two started today. Now it seems I'm offering "Christmas FREE BONUS!"
... could use one of those myself....

Since I set up some filters, I can longer give an accurate count. Damn!

kurty[B]

Another tip grumpyolddude. Contact your e-mail provider. If it's gmail, or an Internet Service Provider. There is not much they can do, but they can try and research it and at least attempt to stop the influx of messages bouncing back to you (especially if this goes on for days). The longer it goes on the more they can do, and maybe try and pinpoint where the messages are originating from. Usually, a SPAMmer will have moved onto masking their e-mail with a different e-mail address by now.

__________________
In the Absence of Information People Make Things Up.

grumpyolddude

My first action was to call ATT/Yahoo, to which their initial response was to direct me to file an abuse report online. fI was told that the customer service reps in our meat world could not do a thing for me, except assure me that, at that time, I hadn't been reported as a serial spammer. In that abuse report, I included the headers from the first 90 or so bounces. I think that I'll send them the 1200+ that I've cached away since then.


**UPDATE**
Did the online chat thing with ATT/Yahoo tech support. "Larry" told me to do a bunch of things that I'd already done: passsword, filters, abuse report, yadda... Now it seems that I could only be helped with live vocal contact.
So, I call the tekkies, "Jay" this time. He's shocked that I hadn't been contacted by the abuse troubleshooters. It seems that they "Have Tools" that can get to the bottom of this. I am to expect a call from them in the next couple of days.
Yippie

Hey, thanks everyone for your input. This has sparked a livelier response that I expected

grumpyolddude

There's been a new development. Now there's porn being spam with my email address on it.

Yahoo technical support was going to call me... hasn't happened.

It occurred to me that, just maybe, some a-- hole might be trying to get me off my email address, so they can have it for themselves....

My paranoia is growing.

pig

grumpy: if it's really bothering you...start a new email addy, and keep the old one. let this run its course. when it's done, forward emails from your new addy to your old one. you can set up automatic forwarding in your email. you get less hassle, and you don't lose your preferred email address.

__________________
You don't love me, you just love my piggy style

shakran

don't feel too bad Grumpy. This happened to me once, and I was deluged with a bunch of angry emails telling me never to try selling them penis enlargement pills again.