# Undeliverable Mail i did not send



## Bert83 (Apr 2, 2007)

My company is currently getting a lot of "undeliverable mail" bounced back to us, which i guess isn't all that odd except for the fact that we have not sent anything to these e-mail addresses. Here is an example of one of the bounce backs:

Your message did not reach some or all of the intended recipients.

Subject:	[!! SPAM] DoggSofia ONealTeri
Sent:	3/21/2007 5:29 PM

The following recipient(s) could not be reached:

[email protected] on 3/21/2007 5:29 PM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
< msk-m10-st02.rtcomm.ru #5.0.0 X-Postfix; host cucumber.rt-comm.ru[195.161.0.137] said: 550 [email protected] unknown user account (in reply to RCPT TO command)>

Our IT person is ignoring this issue, but I've been looking around a little online to try and find a cause for this problem and what I'm finding is a bit concerning. I may be looking in the wrong places, but what I've found is a lot of references to an "RCPT TO command buffer overflow exploit". Is this paranoia unfounded? I realize this particular exploit is a couple years old, however our e-mail client probably hasn't been updated in a number of years. We use outlook pro 2003, but i'm not sure what our real e-mail client is.


----------



## Klaatu01 (Mar 30, 2007)

This is a SPAM tactic to bypass inbound message filtering rules using your "known" e-mail address. It is likely that your e-mail address was used in a web forum or online group and it has been "harvested" by a spider 'bot program. These programs wander the Internet by following hyperlinks between pages and add ANY and ALL e-mail addresses found to databases they "report" to.

By creating a e-mail message to an invalid address with your e-mail address in the "Reply to:" field, when delivery fails the receiving mail server sends it back from whence it came (e.g. to you). Being a curious e-mail user and wondering what message sent failed delivery, users typically open these messages and allow them to load images integrated into the message which FURTHER confirms your e-mail address. The downloading of the images occurs through another server probably controlled by the spammer(s) and the successfully downloaded to information is linked to the original "bogus" e-mail. Man, this is awful!!

I devised a solution to this problem years ago and wanted to Patent it but, sadly never followed through on the idea. These days there are methods of digitally "signing" e-mail to validate you as the actual (and original true) sender and this detail COULD (eventually) be used to reject any "unsigned" e-mail coming back as a result of the "Reply to:" address. This idea has not been widely implemented so far and remains an "advanced user" concept not ready for general use.

So, a few things to try: (may only help in the future)

1. Never use your e-mail address without obfuscating it thus "(username)_(AT)_(domain).com" (remove the real "@" symbol and pad whatever portion desired with underscore characters).

2. When registering for online forums and groups, always use the "Hide my e-mail address" from members option if it is available.

3. Set your e-mail program NOT to automatically download images in e-mail messages.

4. Keep a separate e-mail account for online forums and groups and DO USE the providers report "SPAM" button or frwarding address if provided (many services have a "[email protected]" e-mail address for reporting such garbage). This e-mail address may also be used for entering contests and signing up for mailing lists, etc.

5. Use any filtering built into your e-mail program to automatically delete messages with suspect Subject: lines. This option may be difficult to the level of near impossible due to the generic nature of modified return mail's Subject: lines (e.g. "Undeliverable...").


----------



## Bert83 (Apr 2, 2007)

Thanks for the info and suggestions, Klaatu. I wasn't sure if this was just spam since there really was no body or images to the e-mail, just random subject lines, but spam is spam i suppose. 

...Klaatu Veracti Nictu...


----------

