Bounce to wrong sender
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Bounce to wrong sender
Bounce to wrong sender
21-09-2017 9:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Here's a weird one. A friend forwarded a message intended to me, that the spam filter had rejected, but she had not sent it. Here is the message:
From: Mail Delivery System <MAILER-DAEMON@messagelabs.com>
Date: 21 September 2017 at 08:32
Subject: Mail Delivery Failure
To: carbon.cutters@gmail.com
This is the mail delivery agent at Symantec Email Security.cloud.
I was unable to deliver your message to the following addresses:
richard@riggshome.plus.com
Reason: 552 Spam Message Rejected
The message subject was: Fwd: IMPORTANT: Updated insurance policy documents
The message date was: Thu, 21 Sep 2017 08:31:25 +0100
The message identifier was: 05/CD-02208-81B63C95
The message reference was: server-11.tower-207.messagelabs.com!1505979152!27608934!1
Please do not reply to this email as it is sent from an unattended mailbox.
Contact your email administrator if you need more information, or
instructions for resolving this issue.
Last-Attempt-Date: Thu, 21 Sep 2017 07:32:44 +0000
Diagnostic-Code: smtp; 552 Spam Message Rejected
Status: 5.0.0
Action: failed
Final-Recipient: rfc822; richard@riggshome.plus.com
--------------
I do not know who would have sent the message to me and it may indeed have been spam. What puzzles me is why she received a reply to a message that she did not send. She had sent a routine message (harmless, and nothing to do with insurance) at 12:08 and I received it, then she received this bounce. Can the Plusnet spam filter be getting out of sync?
Re: Bounce to wrong sender
22-09-2017 12:52 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It looks like what happened here is that a spammer tried to send a message to you forging your friend's name and email as sender. Had it got through you might have been tempted to trust it because you knew the (apparent) sender.
However the message was rejected as spam so the delivering server passed it to the apparent sender - your friend. I'm assuming that the delivering server at messagelabs.com is an intermediary and not the original sending server which should have passed it back to the real sender..
This behaviour is known as backscatter.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page