Follow us on Twitter!
The measure of a mans life is not how well he dies, but how well he lives.
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 23
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Increasing Security

Author

Possible Email Spoofing??


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-02-07 12:50
I have been having a bit of a problem with seemingly randomly generated email addresses. I have been receiving numerous 'delivery failure: return to sender' messages for email addresses i did not create but which are being used to send spam to other people. Is this a virus or some other person bouncing through the company? Any help would be much appreciated.
Author

RE: Possible Email Spoofing??

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 11-02-07 13:11
could you copy/paste the email headers so i can get a bit more info.


http://www.hellboundhackers.org/
Author

RE: Possible Email Spoofing??


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-02-07 20:24
Here's the headers for two of the messages, it is from outlook so i hope this is what you are after.

First Message

Return-Path: <>
Received: from mwinf3009.me.freeserve.com (mwinf3009.me.freeserve.com)
by mwinb3301 (SMTP Server) with LMTP; Sun, 11 Feb 2007 22:43:17 +0100
X-Sieve: Server Sieve 2.2
Envelope-to: hyrssf@fourseasons99.fsnet.co.uk
Received: from me-wanadoo.net (localhost [127.0.0.1])
by mwinf3009.me.freeserve.com (SMTP Server) with ESMTP id 579311C00B6E
for <hyrssf@fourseasons99.fsnet.co.uk>; Sun, 11 Feb 2007 22:43:17 +0100 (CET)
Received: from outdoors.kent.net (outdoors.kent.net [216.8.139.130])
by mwinf3009.me.freeserve.com (SMTP Server) with ESMTP id 2C9871C00B7A
for <hyrssf@fourseasons99.fsnet.co.uk>; Sun, 11 Feb 2007 22:43:16 +0100 (CET)
X-ME-UUID: 20070211214316182.2C9871C00B7A@mwinf3009.me.freeserve.com
Received: from localhost (localhost)
by outdoors.kent.net (8.13.8/8.13.8) id l1BLgdnK029651;
Sun, 11 Feb 2007 16:42:39 -0500
Date: Sun, 11 Feb 2007 16:42:39 -0500
From: Mail Delivery Subsystem <MAILER-DAEMON@outdoors.kent.net>
Message-Id: <200702112142.l1BLgdnK029651@outdoors.kent.net>
To: <hyrssf@fourseasons99.fsnet.co.uk>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="l1BLgdnK029651.1171230159/outdoors.kent.net"
Subject: *** SPAM *** Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
X-me-spamlevel: med
X-me-spamrating: 66.903056



Second Message

Return-Path: <>
Received: from mwinf3113.me.freeserve.com (mwinf3113.me.freeserve.com)
by mwinb3301 (SMTP Server) with LMTP; Sun, 11 Feb 2007 14:15:23 +0100
X-Sieve: Server Sieve 2.2
Envelope-to: ytiluo@fourseasons99.fsnet.co.uk
Received: from me-wanadoo.net (localhost [127.0.0.1])
by mwinf3113.me.freeserve.com (SMTP Server) with ESMTP id 6A2C91C00969
for <ytiluo@fourseasons99.fsnet.co.uk>; Sun, 11 Feb 2007 14:15:23 +0100 (CET)
Received: from nm05omta05d.dion.ne.jp (nm05mta.dion.ne.jp [219.125.112.14])
by mwinf3113.me.freeserve.com (SMTP Server) with SMTP id A73691C00942
for <ytiluo@fourseasons99.fsnet.co.uk>; Sun, 11 Feb 2007 14:15:21 +0100 (CET)
X-ME-UUID: 20070211131522685.A73691C00942@mwinf3113.me.freeserve.com
To: <ytiluo@fourseasons99.fsnet.co.uk>
From: MAILER-DAEMON@m8-filter.dion.ne.jp
Message-ID: <200702111315199288600005LFD2@nm05ldf05d.dion.ne.jp>
Date: Sun, 11 Feb 2007 22:15:19 +0900
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="==_LFD2/AvFPZqQBRBs=/LDS"
Subject: *** SPAM *** Undeliverable Mail
X-me-spamlevel: med
X-me-spamrating: 65.879132

Never mind, it doesn't pose any threat, i think is possibly another form of ridiculous spam, so easily sortable. Thanks anyway

Edited by on 17-02-07 23:35