Email Abuse (Klez)
Posted: Sat Oct 05, 2002 9:42 pm
Ok.... ive been havin a big problem latley on my server.
I have SMTP service on my server and somebody has been abusing this bigtime i just found out.
Basically, heres whats goin on... i had my email on these boards say <email removed> as the default email.... and ive been getting email from somewhere unknown that had the... uhh.... well, i forget wat one, but it had a virus in it. Ive been gettin it sent to me for a couple months... and the sending address was always spoofed... (i looked at the headers, but i honestly didnt know what part was the source cause it was redirected a lot or sumthin).
So ive been living with that for a while.
But now i just changed my email on this board to read
<email removed>
and now ive been getting that spoofed email with the virus sent to THAT email..... i can see it on my server.... and since this is the only place ive ever put THAT SPECIFIC email in, i now know that whoever is sending me the virus is getting my addy from these boards.
Im pretty sure ive already plugged the forwarding of my server (which was pretty stupid of me to find out i had it on, cause i was getting complaints from domain owners of me sending virii to them and i had no clue what they were talking about), but yea. I shut it off and now im getting returned emails from my server that says it cant forward the virus to soandso@blah.com
So its trying to send this same virus to thousands of people from my server.
I just read that members here can use the mass email feature of the board... i thought it was jus for admins, but i dunno......
IS ANYBODY ELSE RECIEVING THESE EMAILS???
if a lot of you are, then we have a problem here......
if not.... well, i dunno what to do... all i know is that im getting virii sent to me from someone who's getting my addy from this board.
I have SMTP service on my server and somebody has been abusing this bigtime i just found out.
Basically, heres whats goin on... i had my email on these boards say <email removed> as the default email.... and ive been getting email from somewhere unknown that had the... uhh.... well, i forget wat one, but it had a virus in it. Ive been gettin it sent to me for a couple months... and the sending address was always spoofed... (i looked at the headers, but i honestly didnt know what part was the source cause it was redirected a lot or sumthin).
So ive been living with that for a while.
But now i just changed my email on this board to read
<email removed>
and now ive been getting that spoofed email with the virus sent to THAT email..... i can see it on my server.... and since this is the only place ive ever put THAT SPECIFIC email in, i now know that whoever is sending me the virus is getting my addy from these boards.
Im pretty sure ive already plugged the forwarding of my server (which was pretty stupid of me to find out i had it on, cause i was getting complaints from domain owners of me sending virii to them and i had no clue what they were talking about), but yea. I shut it off and now im getting returned emails from my server that says it cant forward the virus to soandso@blah.com
So its trying to send this same virus to thousands of people from my server.
I just read that members here can use the mass email feature of the board... i thought it was jus for admins, but i dunno......
IS ANYBODY ELSE RECIEVING THESE EMAILS???
if a lot of you are, then we have a problem here......
if not.... well, i dunno what to do... all i know is that im getting virii sent to me from someone who's getting my addy from this board.