On 25.06.12 09:27, Viesturs Lācis wrote: > Today in spam folder I see "mail delivery failure", "undelivered mail > returned" messages from different places. I can see in the text of the > message the original sender, which has my domain after @ symbol (and > different names before it, like Deanne021 or Victor812 etc).
... > Does this mean that I have been hacked? Probably not, is my guess. > Or can anyone simply fake the original sender entry and there is > nothing I can do? Yes and yes. When it has happened here, it has just been backscatter <http://en.wikipedia.org/wiki/Backscatter_(e-mail)> The sending of backscatter by the original spam victim achieves nothing, but some sysadmins apparently still hope that there's one spammer in the world sending with an honest "from" address. And, yes, sending backscatter risks being blacklisted, because backscatter is secondary spam. Coming from the spam victim, the backscatter is invisible to the spammer AIUI, so I can't see how it could serve to probe for active accounts at your end. Even if it were the spammer sending a fake NDR (Non-Delivery Response, or "bounce".), a competently configured MDA (Mail Delivery Agent) would not respond to that, so the probe could only ever fail. Checking for vulnerabilities can never hurt, but are any of us skilled enough to do it well? Good luck. Erik -- "I didn't marry him for his money, I divorced him for it." - Seen on a wall plaque in a gift shop. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users
