From: James Lay (jlayslave-tothe-box.net)
Date: Tue Apr 22 2008 - 12:03:26 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/22/08 9:18 AM, "Leo Ofenstein" <kashmastersbcglobal.net> wrote:

> First, I apologize if you are offended at a question not related
> directly and absolutely to postfix (at least, it probably doesn't
> relate... it may, but I don't know what software the County's email
> server uses - it could be postfix for all I know ;>), but this group has
> the best and brightest email minds that I have seen, and I am hoping you
> can help!
>
> My neighbor, a County Judge, has begun receiving 100s of bounce notices
> a day. It appears that someone forged her return address on a spam
> campaign, because it doesn't look like the messages actually came from
> malware on her computer. This same thing happens to me every once in a
> while, but it seems to last only a day or two... I have a suspicion it
> may be very prevalent. I have two questions about this.
>
> First, what is the best way to be sure that the messages don't originate
> from her computer? I checked it with Kaspersky, AVG and HiJack (it's a
> Win XP Pro box) and see no infections, and the headers of the bounced
> messages don't contain references to her email server, but...
>
> Second, other than the annoyance of these blasted messages bouncing
> back, is there a potential blacklisting problem relating to her email
> address?
>
> Thanks for any help you can offer.

I think some backscatter come with a full transcript of the email that was
sent..which should include the originating IP address. Scope out one of the
backscatter emails and see if the originating IP matches the machine in
question...if it does, that's bad news. If not, it's not coming from that
machine.

James

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]