cancel
Showing results for 
Search instead for 
Did you mean: 

Forwarding of phishing emails rejected by server

Buggwrit
Grafter
Posts: 73
Thanks: 1
Registered: 03-02-2009

Forwarding of phishing emails rejected by server

I've been getting a lot of scam emails lately, along with many other people I suspect. I usually forward these to the fraud department of the relevant organisation but sometimes my attempts to do this result in an Alert message :-
"An error occurred while sending mail. The mail server responded: xxxxxxxxxxxxxxxxxx (a different code each time)
message rejected due to spam or virus. If you believe this is in error please login to your portal or
contact your ISP support team. Please check the message and try again."
In these circumstances I normally work around it by taking screenshots of the message and message source and sending them as attachments.
What I would be interested to know, however, is if the server won't let me send the message because of something dodgy it has detected why did it allow me to receive it in the first place?
3 REPLIES
pwatson
Rising Star
Posts: 2,468
Thanks: 8
Fixes: 1
Registered: 26-11-2012

Re: Forwarding of phishing emails rejected by server

The spam email almost certainly was sent by the outgoing server of the company you're trying to report it to.
Personally, I wouldn't bother reporting it - Delete it and move on Smiley
Buggwrit
Grafter
Posts: 73
Thanks: 1
Registered: 03-02-2009

Re: Forwarding of phishing emails rejected by server

I don't pretend to understand the technicalities of spoofed addressing but looking through the message sources I don't see any addresses corresponding to the actual organisations from which the messages purport to come. I presume from what you've said that the Alert is coming from the destination mailserver rather than the Plusnet mailserver which would explain why this junk doesn't get filtered out before I get it.
I forward the messages to addresses supplied by Action Fraud so I have to assume that they are going to the correct destination. I happen to believe that unless we pass these on in sufficient numbers the problem will never be treated seriously. I obviously have no way of knowing if the organisations ever follow up on the information.
Each time I receive one after I've forwarded it I create a message filter for that sender address but, of course, I realise that the scumbags are going to keep trying by using a multiplicity of different addresses and I'm probably on a hiding to nothing.
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Forwarding of phishing emails rejected by server

Quote from: Buggwrit
I presume from what you've said that the Alert is coming from the destination mailserver rather than the Plusnet mailserver which would explain why this junk doesn't get filtered out before I get it.

If you're referring to the message in your original post then this will almost certainly be generated by our relay server and not the destination MTA.
Quote from: Buggwrit
What I would be interested to know, however, is if the server won't let me send the message because of something dodgy it has detected why did it allow me to receive it in the first place?

Good question. The logic for inbound/outbound isn't the same. You might find that you can get inbound to block these messages by increasing the aggressiveness of the spam filter.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵