cancel
Showing results for 
Search instead for 
Did you mean: 

Suspended email account

Community Veteran
Posts: 4,853
Thanks: 121
Fixes: 24
Registered: 14-07-2009

Suspended email account

I have just has a call from a client telling me her Waitrose email account has been suspended pending a mandatory password change.  She had been receiving a lot of 'undeliverable' messages indicating that her email address had been used to send out spam emails.  But I could not see any evidence that this was true and it's perfectly possible to send messages purporting to be from somebody else if the outgoing mail server does not perform a check.  Does the suspension mean that Waitrose/Plusnet know that the messages are originating from her account or could this be prompted by other circumstances?     
5 REPLIES
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Suspended email account

The messages will have been sent using SMTP authentication. That implies that the account has been compromised and it's not simply a case of the customer's address being spoofed.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Community Veteran
Posts: 4,853
Thanks: 121
Fixes: 24
Registered: 14-07-2009

Re: Suspended email account

Possibly so.  When the problem (of unknown messages returned as undeliverable) first arose a month or two ago my client phoned 'Waitrose' Tech. Support and was told not to worry.  I took my cue from that, wrongly as it turned out.  I should have got her to change her password then rather than waiting until 'Waitrose' had a change of opinion.
How easy is it to check if SMTP authentication has been used?  Does that even mean anything if your webmail is hijacked?   
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Suspended email account

If a Webmail account has been hijacked then the individual(s) involved have your SMTP login credentials so can then start spamming off network. Waitrose customers quite often get hit with phishing emails asking customers to confirm their email login credentials to ensure their account remains active. I'd make sure your client is educated about this if they're not already.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Community Veteran
Posts: 4,853
Thanks: 121
Fixes: 24
Registered: 14-07-2009

Re: Suspended email account

Quote from: Bob
If a Webmail account has been hijacked then the individual(s) involved have your SMTP login credentials so can then start spamming off network.

Yes, but is that preferable?  I see it could be if Webmail imposes some restrictions on quantity of emails that does not apply off-network?
Edit:  Also, thanks for the warning regarding phishing emails.  I have done as you suggested.
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Suspended email account

There are SMTP limits whether you're on or off network, and those off network are typically more aggressive. Spammers don't typically stick to the same IP address though and when they've multiple compromised accounts then they can still cause problems. It doesn't take much before our relays end up getting blacklisted.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵