**** Site Using My E-Mail addy.

Discussion in 'Security and Privacy' started by Deloris, 2002/08/27.

Thread Status:
Not open for further replies.
  1. 2002/08/27
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Ok, I have got a problem.
    It seems that a **** site has somehow gotten hold of my e-mail address & is sending out Spam that is supposedly coming from me. They even sent some to me & I know I didn't send it to myself. I don't visit **** sites so how did this happen? When I received one supposedly from "me to me," I bounced it with Mailwasher. Guess who it came back to? You guessed it, it bounced back to me. What the **** is going on anyway?
    I know there are harvester bots for that sort of e-mail address stealing, but how did they get it to bounce back to me?
    This is a mess & I'd like to know what to do about it. If other people are getting this stuff supposedly from me, then complaints to my ISP could get my account taken away, and make my friends mad at me & ban me from their e-mail addresses.
    Geesh, I hate these sorry excuses for human beings that do this stuff.
     
  2. 2002/08/27
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    It's not unusual to receive spam which appears to originate from your own e-mail address but, in fact, does not. No need to worry about it - the spams sent to others will all show the source as being their own addresses, not yours.
     

  4. 2002/08/27
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    One of your friends has a virus which has taken over his address list and is sending messages in the names of those in it. I do not know whether clicking on the message's File|Properties|Details (and even Message Source, if necessary) will help you determine who the friend is, but you might try. If successful, you could tell him and he could then clean the situation up.
    I assume you have an up-to-date antivirus program installed. If not, get one and scan your PC, just in case.
     
  5. 2002/08/27
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Thanks Guys.
    I was really worried about that. So I guess I don't have to worry about all my friends getting mad at me. :)
    The first thing I did was run my AV (which is always up to date) & scan for trojans. My Trojan scanner stays up to date too. I was clean.
    I went into the properties of it & couldn't find anything that pointed to one of my friends, but that stuff is a little confusing to me, but I'll look harder next time.
    Thanks again for your input.
     
  6. 2002/08/28
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
  7. 2002/08/29
    Bursley

    Bursley Well-Known Member Alumni

    Joined:
    2001/12/29
    Messages:
    462
    Likes Received:
    2
    You can review the mail header and read where the email actually came from. You can forge a from address and even hide a to address without any problems. But you can't forge which server actually sent it to you, which is recorded in the mail header.
     
  8. 2002/08/29
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    Bursley wrote:-

    ... unless it's routed via a dubious server which is none too fussy about the accuracy of the HELO handshake.
     
  9. 2002/08/29
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Thanks to everyone for their interest.

    I knew how Klez worked, & had considered that possibility, but I'd gotten three of them at the point of my posting & each one read the same way in the properties headers, so it was coming from the same place.

    The main worry I had was that this place was sending out **** Spam to others in my name & would cause me problems with my ISP if complaints were sent in to my ISP saying that I was doing this.

    I sent a letter to all my contacts telling them about it & many wrote back saying that they had not received any **** Spam supposedly from me, so hopefully neither is anyone else, but that is not certain. I couldn't manage to get a handle on where the stuff was actually originating from. I'm not too good at that tracking stuff anyway, so if I happen to get another one, I will post the Properties Header & see if anyone can help me figure it out. Dumb like, I deleted them. But I expect I will receive more in the future.

    Yes, the original sender can be hidden by, as Brett puts it, "it's routed via a dubious server which is none too fussy about the accuracy of the HELO handshake."

    That's done all the time, so finding these sorry excuses for humans can be quite difficult indeed. They're getting smarter all the time. Why can't I get smarter & manage to catch one? LOL
     
  10. 2002/08/29
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    This chap did! It's quite a funny tale!
     
  11. 2002/09/04
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Sorry guys. I haven't been around much for several days, but just wanted to say thanks to everyone. For now the problem seems to have gone away, but I won't hold my breath. :)
     
  12. 2002/09/09
    Pekeman

    Pekeman Inactive

    Joined:
    2002/01/11
    Messages:
    26
    Likes Received:
    0
    You may be amused by the following explanation, contained in a piece of spam I received, as to why my address was placed in both the To and the From lines of the header.
    How considerate of them!
     
  13. 2002/09/09
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Yes, how considerate of them.

    Well, it's a good thing I didn't hold my breath. I got another one a couple of days ago.

    This is the properties on it. I am going to X out my ISP server name as I do not wish it to show on public forum. deanale is, of course, my e-mail name.
    *************
    Received: by mail-1 (mbox deanale)
    (with Cubic Circle's cucipop (v1.31 1998/05/13) Thu Sep 5 16:30:25 2002)
    X-From_: deanale@xxxxxxxxxxx.com Thu Sep 5 14:12:39 2002
    Return-Path: <deanale@xxxxxxxxxxx.com>
    Received: from ismtp4.entelchile.net (ismtp4.real1.mail.entelchile.net [164.77.181.13])
    by mail-1.powerisp.com (8.12.1/8.12.1/Debian -2) with ESMTP id g85JC2JV016620
    for <deanale@xxxxxxxxxxx.com>; Thu, 5 Sep 2002 14:12:24 -0500
    Received: from SMTP ([164.77.47.66]) by ismtp4.priv2.mail.entelchile.net
    (iPlanet Messaging Server 5.1 (built Sep 5 2001))
    with SMTP id <0H1Z00EXBBUC5M@ismtp4.priv2.mail.entelchile.net> for
    deanale@xxxxxxxxxxx.com; Thu, 05 Sep 2002 15:08:36 -0400 (CLT)
    Date: Thu, 05 Sep 2002 15:08:36 -0400 (CLT)
    Date-warning: Date header was inserted by ismtp4.priv2.mail.entelchile.net
    From: deanale@xxxxxxxxxxx.com
    Subject: Brutal Rape galleries! Deanale, it's your personal invitation!
    To: deanale@xxxxxxxxxxx.com
    Message-id: <0H1Z00EXEBUC5M@ismtp4.priv2.mail.entelchile.net>
    MIME-version: 1.0
    Content-type: text/html
    Content-transfer-encoding: 7BIT
    ***********

    If anyone can help me figure out where this actually came from, I sure would appreciate it. I've read stuff about figuring it out, but I can't seem to understand what they're saying to do. Maybe I'm just dense. :)
     
  14. 2002/09/09
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    It originated from the entelchile.net domain (the Return Path and specified IP match so it's safe to assume that both are accurate).

    Send an abuse report here and/or block mail from that domain.
     
    Last edited: 2002/09/09
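
The header reading discussed in this thread, as an added example that is not part of any poster's message: it walks the `Received` lines from the top and separates the last hop stamped by the recipient's own mail servers from the earlier hops, which are only the sending side's claims. The `TRUSTED` names are an assumption taken from the `by` fields of the headers posted above; a reader would substitute their own provider's server names.

```python
import re
from email import message_from_string

# Received lines re-typed from the post above with folding restored (other headers omitted).
SAMPLE = """\
Received: by mail-1 (mbox deanale)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Thu Sep 5 16:30:25 2002)
Received: from ismtp4.entelchile.net (ismtp4.real1.mail.entelchile.net [164.77.181.13])
 by mail-1.powerisp.com (8.12.1/8.12.1/Debian -2) with ESMTP id g85JC2JV016620
 for <deanale@xxxxxxxxxxx.com>; Thu, 5 Sep 2002 14:12:24 -0500
Received: from SMTP ([164.77.47.66]) by ismtp4.priv2.mail.entelchile.net
 (iPlanet Messaging Server 5.1 (built Sep 5 2001))
 with SMTP id <0H1Z00EXBBUC5M@ismtp4.priv2.mail.entelchile.net> for
 deanale@xxxxxxxxxxx.com; Thu, 05 Sep 2002 15:08:36 -0400 (CLT)
From: deanale@xxxxxxxxxxx.com

"""

# Assumption: names the recipient's own provider stamps in the "by" field.
TRUSTED = {"mail-1", "mail-1.powerisp.com"}

def parse_hops(raw):
    """Return Received hops, newest first, as dicts with helo, ip and by."""
    hops = []
    for value in message_from_string(raw).get_all("Received") or []:
        text = " ".join(value.split())            # undo header folding
        by = re.search(r"\bby\s+(\S+)", text)
        sender = text[:by.start()] if by else text
        helo = re.match(r"from\s+(\S+)", sender)
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", sender)
        hops.append({"helo": helo and helo.group(1),  # name the client claimed
                     "ip": ip and ip.group(1),        # peer address the receiver logged
                     "by": by and by.group(1)})
    return hops

def trace(raw, trusted):
    """Return (last hop our own servers vouch for, earlier unverified hops)."""
    hops = parse_hops(raw)
    boundary, i = None, 0
    # Only the unbroken run of headers at the top was written by servers we trust.
    while i < len(hops) and hops[i]["by"] in trusted:
        if hops[i]["ip"]:
            boundary = hops[i]
        i += 1
    return boundary, hops[i:]   # everything after the run is the sender's own claim

if __name__ == "__main__":
    print(trace(SAMPLE, TRUSTED))
```

A `Received` line that names a trusted server but sits below an untrusted hop is not counted, because anything under the first foreign hop could have been written by the sender.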
  15. 2002/09/09
    Deloris

    Deloris Inactive Thread Starter

    Joined:
    2002/01/10
    Messages:
    483
    Likes Received:
    0
    Thanks so much brett.
    I filtered it in Mailwasher. Now I need to compose an abuse letter & get that done.
    Once I get that done, I will have done what I can, I guess.
    Maybe one of these days I can figure out how to figure out those headers myself. It will dawn on me eventually. Suddenly a light bulb will go on in my brain & I'll wonder why I didn't understand it before. :)

    Thanks again for your help. I really appreciate it.
     
    Last edited: 2002/09/09