Thread ID: 25211 2002-09-28 11:36:00 Spyware, Hacker or Misdirected Mail???? Brendonny (929) Press F1
Post ID Timestamp Content User
84239 2002-09-29 02:56:00 If mail has been sent to "inbox.net", the only reason it could get to excite.com is intervention by a (rogue?) DNS server which translates the "inbox.net" to an IP address which is actually that of "excite.com". There is no indication of any redirection in that bounce message. So it went from you to excite.com, which looked at its list of known users, didn't find your friend and said so.

Even if inbox.net has its mail server on the same host as excite.com, error messages should come from "inbox.net"... the multihosting would keep them separate: they can't work otherwise.

?:|
Graham L (2)
84240 2002-09-29 05:20:00 It is very unlikely that mail would be misdirected.
It is possible this person has set up a mail forwarding with his ISP so all his mail is sent to his excite account.
He may be away from base at present and is accessing his excite account to get his ISP mail.

The problem I feel is still with excite, either his account or the excite server.
Jim B (153)
84241 2002-09-29 09:05:00 A forwarded email wouldn't have bounced back to the original sender, but to the forwarding sender.

Have you been able to send any more emails to your friend? Try emailing him and see if he's getting your emails - or if you get another bounce.

Mike.
Mike (15)
84242 2002-09-30 10:05:00 My friend doesn't even have an excite account. I have since sent him e-mails and I haven't had that message back. His username starts with BR so even if I did type it in how would I have typed in the address that it said that it was going to. I don't even know that address. So how it got there I don't know.
I have sent him e-mail since then and I don't get that message back so it must have been something wrong somewhere.
Brendonny (929)
84243 2002-09-30 22:08:00 > My friend doesn't even have an excite account. I have
> since sent him e-mails and I haven't had that message
> back. His username starts with BR so even if I did
> type it in how would I have typed in the address that
> it said that it was going to. I don't even know that
> address. So how it got there I don't know.

The address at the start I believe could just be a server created address for your message, so it wouldn't have much to do with the email address you sent to, except that it should be on the same domain (e.g. inbox.net).

> I have sent him e-mail since then and I don't get
> that message back so it must have been something
> wrong somewhere.

Yes there must be. I just sent an email to a non-existent address on both inbox.net and excite.com and they both bounce with their own domain. Although the bounce messages are from my ISP to me, not from the domains in question... Here they are:

inbox.net
This report relates to a message you sent with the following header fields:

Return-path: <My Email Address>
Received: from tcp-daemon.smtp1.xxxxxxx.xx.nz by smtp1.xxxxxxx.xx.nz
(xxxxxxxxx Mail) id <0H3900N9LR5Y4X@smtp1.xxxxxxx.xx.nz>
(original mail from My Email Address); Tue,
1 Oct 2002 08:49:14 +1200 (NZST)
Received: from Kashyyyk (xxx-xxx-xxx-xxx.dialup.xxxxxxx.xx.nz [xxx.xxx.xxx.xxx])
by smtp1.xxxxxxx.xx.nz (xxxxxxxxx Mail)
with ESMTP id <0H3900K6FR5UHH@smtp1.xxxxxxx.xx.nz> for
asdflkahsdgkuarhasdfj@inbox.net; Tue, 01 Oct 2002 08:49:10 +1200 (NZST)
Date: Tue, 01 Oct 2002 08:49:00 +1200
From: Mike <My Email Address>
Subject: hewllo
To: asdflkahsdgkuarhasdfj@inbox.net
Message-id: <003001c268c2$d007ee40$ed95a7cb@Kashyyyk>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Mailer: Microsoft Outlook, Build 10.0.4024
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal

Your message cannot be delivered to the following recipients:

Recipient address: asdflkahsdgkuarhasdfj@inbox.net
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 no such mailbox -> asdflkahsdgkuarhasdfj@inbox.net
Remote system: dns;mail.inbox.net (TCP|203.97.33.27|47627|209.123.16.31|25)



excite.com

This report relates to a message you sent with the following header fields:

Return-path: <My Email Address>
Received: from tcp-daemon.smtp2.xxxxxxx.xx.nz by smtp2.xxxxxxx.xx.nz
(xxxxxxxxx Mail) id <0H3900K3CR6DKT@smtp2.xxxxxxx.xx.nz>
(original mail from My Email Address); Tue,
1 Oct 2002 08:52:14 +1200 (NZST)
Received: from Kashyyyk (xxx-xxx-xxx-xxx.dialup.xxxxxxx.xx.nz [xxx.xxx.xxx.xxx])
by smtp2.xxxxxxx.xx.nz (xxxxxxxxx Mail)
with ESMTP id <0H39008WQR8521@smtp2.xxxxxxx.xx.nz> for
asdfijaskufhsdkjflasdkfhawrughak@excite.com; Tue,
01 Oct 2002 08:50:32 +1200 (NZST)
Date: Tue, 01 Oct 2002 08:50:23 +1200
From: Mike <My Email Address>
Subject: Hello?
To: asdfijaskufhsdkjflasdkfhawrughak@excite.com
Message-id: <003601c268c3$00011ea0$ed95a7cb@Kashyyyk>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Mailer: Microsoft Outlook, Build 10.0.4024
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal

Your message cannot be delivered to the following recipients:

Recipient address: asdfijaskufhsdkjflasdkfhawrughak@excite.com
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 <asdfijaskufhsdkjflasdkfhawrughak@excite.com>: User unknown
Remote system: dns;xmxpita.excite.com (TCP|203.97.37.27|64648|208.45.133.107|25)


Dunno what this proves :)

Mike.
Mike (15)
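Added example, not part of the original thread: a small parser for the trailer fields of the two delivery reports in the post above, which extracts the recipient domain and the host that issued the 550 and checks whether they belong to the same domain. The field layout is taken from those reports; the third sample (mailbox `friend@inbox.net`, documentation IP addresses) is constructed to show the mismatch the thread is trying to explain, and the function names are illustrative.

```python
import re

# Trailer fields from the two reports in the post above, plus one constructed
# mismatch case (made-up mailbox, documentation IP addresses).
REPORTS = {
    "inbox": """Recipient address: asdflkahsdgkuarhasdfj@inbox.net
Diagnostic code: smtp;550 no such mailbox -> asdflkahsdgkuarhasdfj@inbox.net
Remote system: dns;mail.inbox.net (TCP|203.97.33.27|47627|209.123.16.31|25)
""",
    "excite": """Recipient address: asdfijaskufhsdkjflasdkfhawrughak@excite.com
Diagnostic code: smtp;550 <asdfijaskufhsdkjflasdkfhawrughak@excite.com>: User unknown
Remote system: dns;xmxpita.excite.com (TCP|203.97.37.27|64648|208.45.133.107|25)
""",
    "constructed_mismatch": """Recipient address: friend@inbox.net
Diagnostic code: smtp;550 <friend@inbox.net>: User unknown
Remote system: dns;xmxpita.excite.com (TCP|192.0.2.10|40000|198.51.100.25|25)
""",
}

FIELD = re.compile(r"^(Recipient address|Diagnostic code|Remote system):\s*(.*)$", re.M)
# Tuple read as local IP | local port | remote IP | remote port (an assumption
# about this report layout, consistent with the trailing port 25).
REMOTE = re.compile(r"dns;([^\s(]+)\s*\(TCP\|[^|]+\|\d+\|([^|]+)\|(\d+)\)")

def base_domain(name):
    # Naive "last two labels" rule: fine for .com/.net, wrong for e.g. .co.nz.
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def analyse(report):
    fields = {key: value.strip() for key, value in FIELD.findall(report)}
    remote = REMOTE.match(fields.get("Remote system", ""))
    recipient = fields.get("Recipient address", "")
    if not remote or "@" not in recipient:
        raise ValueError("not a delivery report in the expected layout")
    code = re.match(r"smtp;(\d{3})", fields.get("Diagnostic code", ""))
    rcpt_domain = recipient.rsplit("@", 1)[1]
    return {
        "recipient_domain": rcpt_domain.lower(),
        "rejecting_host": remote.group(1).lower(),
        "rejecting_ip": remote.group(2),
        "smtp_code": int(code.group(1)) if code else None,
        # A mismatch is a cue to check the domain's MX records, not proof of
        # misrouting: hosted mail can legitimately use another domain's MX.
        "same_domain": base_domain(remote.group(1)) == base_domain(rcpt_domain),
    }

if __name__ == "__main__":
    for name, text in REPORTS.items():
        print(name, analyse(text))
```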
84244 2002-09-30 22:10:00 very strange - it wouldn't let me turn off the italics for the second half of my post... ?:|

Mike.
Mike (15)
84245 2002-10-01 20:31:00 Brendonny,

Just had an idea, and tested it out. This friend might have bounced your email himself (either accidentally or not) using something like BSM or Mailwasher or similar.

I just sent myself an email to another email account, and then bounced it using Mailwasher. Although it keeps my email address correct for the user unknown bit, the server info through the bounce are referenced to the ISP that I sent the bounce through (does that make sense?)

For example if I use a web based email address that has pop access, but smtp has to be through my ISP, the bounce message lists my ISP as the sending server rather than my web based provider. I would have needed to set the smtp to my web based provider (which I can't do) for it to list that server as the bouncing server. Make sense? That could explain why the bounce seemed to come through Excite rather than inbox.net - your friend might be using excite as their smtp server, and could be bouncing emails manually.

Mike.
Mike (15)
84246 2002-10-01 20:35:00 here's the bounce message, as an example (might not be the same as the one you've got cause it could have come from a different bounce program).

The original message was received at Wed, 2 Oct 2002 07:10:59 +1200 from smtp.MY.ISP.nz [xxx.xxx.xxx.xxx]

----- The following addresses had permanent fatal errors ----- <me@mywebbasedprovider>
(expanded from: <me@mywebbasedprovider>)

----- Transcript of session follows -----
mail.local: unknown name: myname
550 <me@mywebbasedprovider>... User unknown

It's a possibility.

Mike.
Mike (15)
84247 2002-10-02 03:43:00 It could be a possibility I don't doubt that but I do have doubts about that because that e-mail address doesn't get any spam. I know that. That e-mail address that I sent the e-mail to was the one that he uses for all his friends' e-mails. I will ask him tonight about it but he has another one that he uses to sign up to newsletters, places where they want your e-mail address etc.
So I will ask him about it though but I don't think that he would have bounced it since he only checks that one on the web as well.

Brendonny :-)
Brendonny (929)
84248 2002-10-02 08:46:00 That's correct Mike.

Most ISPs won't let you use their SMTP server unless you're connected up to their network at the time.
-=JM=- (16)