cancel
Showing results for 
Search instead for 
Did you mean: 

Horrendous eMail problem

N/A

Horrendous eMail problem

Another account I have (ciderman - my F9 dialup backup account) is receiving a vast number of "undeliverable" eMails, due to some server sending out random@random-domainname eMails (see below)
In the last 24 hours the total has been just under 5000, which compares to the normal 150 or so

I assume there is a server out there infected with a mass mail virus, as the vast majority have an attachment for "home owner loan application" and are to random-characters@ciderman.f9.co.uk

I have re-checked my PC (with defintions from 12/03/04) and it is not infected with any virus
6 REPLIES
N/A

Spiderman

Hi,
This sounds like your email address has been spidered by some sort of webbot and added to a mass mailing list of some kind. Hence the vast number of emails to this account. Or as you say is viral in nature.

Although I dont know what the solution to this is (perhaps F9 can help?) another thought I had was that just because your AV software doesnt think its a virus I wouldnt completely trust that?

Further, althought I'm sure your not going to try opening the attachment/s, on the other hand the attachment/s could just be some sort of advertising or scam offer which 99% of the time they are of course.

Finally such emails might not have a virus as such & AV software might not detect an infection but such emails can contain damaging scripts which run when openned. I wouldnt even try openning them, I'd just delete them ALL. I know this doesnt solve the root cause itself. Hope you find a way to stop this happening further, you could examine the emails headers and see if you can work out where or who is sending these to you. But such email often have spoofed header too, its quite a problem.

Regards to you Ivan
N/A

Horrendous eMail problem

I've been keeping my eye on this for 2 days now
The headers show different IPs for each and every eMail

The F9 account eMail address is used by my brother

Between 06:00 and 09:00 today there have been 900 such eMails (making about 2700 for day 3), so that is slightly below what it was yesterday (day 2)

The eMail attachments are quite safe
As a member of SARC I get my Norton software free, and sent 20 such attachments for investigation, but they were all giving "clean"

The only common element is that the return path is :
<> random@ciderman.f9.co.uk

From what I can work it, it appears to be a mass mailer server that is infected and it is sending out eMails (which are incorrectly configured)
Tracing this requires assistance from F9 as the volume is excessive
N/A

Horrendous eMail problem

I too had this problem with one of my accounts several times last year. I used Mailwasher to delete them before downloading legitimate emails. The only other way I found was to create a mailbox, so if your brother uses john@ciderman but hasn't set up a mailbox, it will still go to default. If he made a mailbox "john", then set the mail programme to only look in that mailbox he won't get the spam. Problem is, it will still be there in the default mailbox.

I have raised this in the forums before, especially the ability to configure the mailserver to reject mail not sent to a specific address, but F9 say they can't/ won't do it.

Regards

Mark
N/A

Following On

Hi mjkerr,
Glad that at least these emails are clean, well thats one less headache to have to deal with. I'm wondering if it might be possible for these emails to be re-directed in some way into F9's blackhole email address. I've been looking for a way to do just this with Mailwasher but no luck as yet, I've talked with Nick Bolton at mailwasher but its technically not possible as yet for reasons I stil dont understand.

It would be most useful to enable software such as mailwasher to send marked (idenified spam,junk) emails to a blackhole address. This is ultimately what I'd like and for ALL ISP's to offer. After all if its possible to send junk mail to a server to bounce it back to sender surely it should be possible to send such stuff into a blackhole (never to return!!).

Ivan
N/A

Horrendous eMail problem

The problem with the blackhole address is that you must specify a particular address you want junked. With random characters at the beginning of each user domain it is impossible to catch it all. This is one of the reasons I wanted F9 to look into changing the way that mails are delivered.

Mark
N/A

YEP

Hi,
YEP!! Agree with all the points you've made, But I still wish it was possible never the less, I'll just have to go on hoping that one day it will be possible.
I think it would be great if it was possible.

Ivan