[TriLUG] I'm getting lots of Weird Bounces... any thoughts
Jon Carnes
jonc at nc.rr.com
Thu Sep 18 22:28:15 EDT 2003
Most probably your email domain was simply hijacked by a virus. Of
course it could be a script-kiddie doing a denial of service against
some guys email account (or accounts).
On Thu, 2003-09-18 at 15:14, Joshua Gitlin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - - -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello Everyone... I haven't posted in a while. Good to be back :)
>
> I've been getting all sorts of weird bounces from my email server as of
> last night... They're bounce messages that are bouncing, so my confused
> email server (qmail) is sending them to me.
>
> The emails were all (originally) sent from various email addresses
> under my domain that don't exist (nonsense addresses like
> 6pqjukwytm at tumaz.com) and they were sent to AOL members (and who knows
> who else). AOL is bouncing the messages "back" to me... although they
> didn't even originate on my system... They're coming from a variety of
> IP addresses, some of which appear to be in denmark. The messages read
> something like this:
>
> "--PAH03624.1063911700/str-d10.mail.aol.com--"
>
> As far as I can tell, this has something to do with somebody trying to
> figure out something about AOL's mail servers, and they're just using
> my domain as a scapegoat... But I'm not really sure what's going on.
> I'm worried that it's either a misconfiguration in my email server or
> someone trying to do something nasty to one of my servers (and
> succeeding). Any thoughts? Thanks guys!
>
> Joshua Gitlin
> Website Developer/Designer
> Webmaster, Glow Films, Inc
> http://josh.tumaz.com/
> http://www.glowfilms.com/
> - - -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (Darwin)
>
> iEYEARECAAYFAj9qAyIACgkQdMO2CPVJoQ6RCACfZvAbSK3aTajkNDBBxGU3Tv/L
> s0cAmwQtaGBWhoqz8kJ0BBMV/gCcfxDp
> =Y9hi
> - - -----END PGP SIGNATURE-----
>
>
> - - -----------
> Due to the recent increase in spam and falsely sent email, I now PGP
> Sign all of my outgoing mail to prove my identity. This means that you
> will see a small line of code below all mail you receive from me; this
> line of code proves that I am who I say I am. For more information,
> please visit http://www.pgp.com/ or http://www.gnupg.org/
>
>
>
> - -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (Darwin)
>
> iEYEARECAAYFAj9qA0MACgkQdMO2CPVJoQ7o2ACfSE7bGGw+oVBGSRNDbA2nlx9S
> RV8AnRi25ZhTjKZ/Mg3UGOGqmzvq26dA
> =V07M
> - -----END PGP SIGNATURE-----
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (Darwin)
>
> iEYEARECAAYFAj9qBAcACgkQdMO2CPVJoQ4CCwCdHRD/CPAEX9TTe5bLKFRnrIue
> 52wAnjme1wO5A/9dw5wRCFuq3IKkQOl9
> =x00L
> -----END PGP SIGNATURE-----
More information about the TriLUG
mailing list