I have a friend of mine who I have given a hosting account on one of our servers. Everything has been good for about a year, then all of a sudden a couple of days ago his inbox starts to fill up with undeliverable messages.
I changed his default e-mail address to mine so I could see some of the messages, and sure enough he is getting around 100-150 e-mails a day stating that a message he sent was undelieverable. But he didn't send any of the messages?
Each message has a different to in the e-mail address - such as [email protected] and [email protected]
here is a sample e-mail that was returned:
Received: from logs-tp.proxy.aol.com (logs-tp.proxy.aol.com [152.163.246.15]) by rly-ip03.mx.aol.com (v95.1) with ESMTP id RELAYIN2-3400f91bc246; Thu, 22 Jan 2004 04:02:52 1900
Received: from mail.postmark.net (AC956C46.ipt.aol.com [172.149.108.70]) by logs-tp.proxy.aol.com (8.12.10/8.12.10) with SMTP id i0M9037H496960 for <[email protected]>; Thu, 22 Jan 2004 09:00:04 GMT
Message-ID: [email protected]
Date: Thu, 22 Jan 200408:58:51 AM
From: "Cleora NEITO" <[email protected]>
Subject: led them over the crest of some granite hill that was higher than
To: [email protected]
X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.18 i686)
Importance: Normal
MIME-version: 1.0
Content-type: text/plain; charset=US-ASCII
X-AOL-IP: 152.163.246.15
Plain Text Attachment [ Download File Save to my Yahoo! Briefcase ]
That’s it! No more c.r,ea,ms or e,x,e.rc.i.s.e.s and you don’t h,a.v.e
to remember to take a p.il,l three times a day
http://yyqxymvxz.medalive.biz/index.php?refid=P0300
GET a b,i.gge.r pe,n.i.s t.od.ay ( 1 to 3 i.nc,h.e.s ) 1.00, % m.o,n.ey
back guaranteed
I wanna remove
http://yqngvcsgqn.medalive.biz/ouptout.php?refid=P0300
depreciation and gold was worth far more than silver. The two young
surgeons, a,b.o.u.t twenty years of age at the m,os,t, yielded themselves
up to the poesy of their situation with all the enthusiasm of youth.
Between Strasburg and
Is there a way we can tell where this e-mail is comming from? I'm not really sure how to read those headers....
I changed his default e-mail address to mine so I could see some of the messages, and sure enough he is getting around 100-150 e-mails a day stating that a message he sent was undelieverable. But he didn't send any of the messages?
Each message has a different to in the e-mail address - such as [email protected] and [email protected]
here is a sample e-mail that was returned:
Received: from logs-tp.proxy.aol.com (logs-tp.proxy.aol.com [152.163.246.15]) by rly-ip03.mx.aol.com (v95.1) with ESMTP id RELAYIN2-3400f91bc246; Thu, 22 Jan 2004 04:02:52 1900
Received: from mail.postmark.net (AC956C46.ipt.aol.com [172.149.108.70]) by logs-tp.proxy.aol.com (8.12.10/8.12.10) with SMTP id i0M9037H496960 for <[email protected]>; Thu, 22 Jan 2004 09:00:04 GMT
Message-ID: [email protected]
Date: Thu, 22 Jan 200408:58:51 AM
From: "Cleora NEITO" <[email protected]>
Subject: led them over the crest of some granite hill that was higher than
To: [email protected]
X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.18 i686)
Importance: Normal
MIME-version: 1.0
Content-type: text/plain; charset=US-ASCII
X-AOL-IP: 152.163.246.15
Plain Text Attachment [ Download File Save to my Yahoo! Briefcase ]
That’s it! No more c.r,ea,ms or e,x,e.rc.i.s.e.s and you don’t h,a.v.e
to remember to take a p.il,l three times a day
http://yyqxymvxz.medalive.biz/index.php?refid=P0300
GET a b,i.gge.r pe,n.i.s t.od.ay ( 1 to 3 i.nc,h.e.s ) 1.00, % m.o,n.ey
back guaranteed
I wanna remove
http://yqngvcsgqn.medalive.biz/ouptout.php?refid=P0300
depreciation and gold was worth far more than silver. The two young
surgeons, a,b.o.u.t twenty years of age at the m,os,t, yielded themselves
up to the poesy of their situation with all the enthusiasm of youth.
Between Strasburg and
Is there a way we can tell where this e-mail is comming from? I'm not really sure how to read those headers....
