# Email account being used for spam



## snickersnake (Apr 9, 2008)

I pay for a Yahoo! email account so that I can get the bells and whistles. I logged in today and have just a ton of these "mail delivery failed" messages, as if I sent email to the wrong address. I opened them and they are all totally different, except for the first paragraph that explains the message could not be delivered. It looks like someone is using my email address to send spam and I don't know how to fix the problem. Here is a sample of one of the messages:

Subject: Mail delivery failed: returning message to sender
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es)
failed:

[email protected]

------ This is a copy of the message, including all the headers. ------

Return-path: <[email protected]>
Received: from [85.217.153.200] (helo=user-3a12c9a5f9.evo.bg)
by server.tajnet.ru with esmtp (Exim 4.60)
(envelope-from <[email protected]>)
id 1KWE1j-0005as-UY
for [email protected]; Thu, 21 Aug 2008 21:32:53 +0400
Received: from [85.217.153.200] by g.mx.mail.yahoo.com; Thu, 21 Aug
2008 19:29:29 +0200
Date:	Thu, 21 Aug 2008 19:29:29 +0200
From:	=?koi8-r?B?+sHLydIg58HCwsHT?= <[email protected]>
X-Mailer: The Bat! (v2.00.9) Personal
Reply-To: [email protected]
X-Priority: 3 (Normal)
Message-ID: <[email protected]>
To: [email protected]
Subject: =?koi8-r?B?4czLz8fBzMnazT8=?=
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----------DA3E5BD3E5B679"

------------DA3E5BD3E5B679
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit

áÕÄÉÏËÎÉÇÁ mp3 ëáë âòïóéôø
ðéôø
íÙ ÒÁÓÓËÁÖÅÍ ËÁË ÜÔÏ ÓÄÅÌÁÔØ 
äÌÑ ÐÒÏÓÌÕÛÉ×ÁÎÉÑ ÎÁ mp3 ÐÌÅÅÒÅ ÉÌÉ
ËÏÍÐØÀÔÅÒÅ. ÷ÒÅÍÑ Ú×ÕÞÁÎÉÑ: 8 ÞÁÓÏ× 56
ÍÉÎÕÔ éÚÌÅÞÅÎÉÅ ÇÁÒÁÎÔÉÒÏ×ÁÎÏ ÌÀÂÏÍÕ
ÞÅÌÏ×ÅËÕ, ÐÒÉ ÓÏÂÌÀÄÅÎÉÉ ×ÓÅÈ ÐÒÁ×ÉÌ. 
÷ÙÐÏÌÎÉ× ×ÓÅ ÕËÁÚÁÎÉÑ, ÏÎ ÓÍÏÖÅÔ
ÎÅ×ÅÒÏÑÔÎÏ ÂÙÓÔÒÏ ÉÚÂÁ×ÉÔÓÑ ÏÔ
ÁÌËÏÇÏÌØÎÏÊ ÚÁ×ÉÓÉÍÏÓÔÉ. üÆÆÅËÔÉ×ÎÏ:
ÍÅÔÏÄÉËÁ ëÁÒÁ ÉÓÐÏÌØÚÕÅÔÓÑ × ÄÅÓÑÔËÁÈ
ËÌÉÎÉË ÐÏ ×ÓÅÍÕ ÍÉÒÕ.

ðÒÏÓÔÏ: ÎÅ ÔÒÅÂÕÅÔÓÑ
ÚÁÍÅÎÉÔÅÌÅÊ ÁÌËÏÇÏÌÑ É ÎÉËÏÔÉÎÁ.

ðÒÁËÔÉÞÎÏ: ÎÉËÁËÏÇÏ ÚÁÐÕÇÉ×ÁÎÉÑ,
ÎÉËÁËÉÈ ÎÏÔÁÃÉÊ, ÎÉËÁËÏÇÏ
ÓÐÅÃÉÁÌØÎÏÇÏ ÌÅÞÅÎÉÑ.

òÅÚÕÌØÔÁÔÉ×ÎÏ: ÎÏ×ÏÅ, ÎÉ Ó ÞÅÍ ÎÅ
ÓÒÁ×ÎÉÍÏÅ ÏÝÕÝÅÎÉÅ Ó×ÏÂÏÄÙ.

ðÒÏ×ÅÒÅÎÏ: ÂÌÁÇÏÄÁÒÑ ÍÅÔÏÄÉËÅ
áÌÅÎÁ ëÁÒÁ ÄÅÓÑÔËÉ ÔÙÓÑÞ ÌÀÄÅÊ
ÏÓ×ÏÂÏÄÉÌÉÓØ ÏÔ ÎÉËÏÔÉÎÏ×ÏÊ É ÁÌËÏÇÏÌØÎÏÊ
ÚÁ×ÉÓÉÍÏÓÔÉ. ãåîá: 3000 òõâìåê 
ìàâùå óðïóïâù ïðìáôù: -
îÁÌÏÖÅÎÎÙÊ ÐÌÁÔÅÖ. - âÁÎËÏ×ÓËÉÊ ÐÅÒÅ×ÏÄ
ÄÌÑ ÀÒ. ÌÉÃ. - WebMoney É ñÎÄÅËÓ.äÅÎØÇÉ 
- îÁÌÉÞÎÙÅ ÞÅÒÅÚ ËÕÒØÅÒÁ ÉÌÉ ×
ÏÆÉÓÅ. ëïîôáëôù: ôåìåæïîù:
(495)771_01_5, (495)585 69 60 ICQ: 419643 027, 397-09-5807 
EMAIL: [email protected]

------------DA3E5BD3E5B679
Content-Type: text/html; charset=koi8-r
Content-Transfer-Encoding: 8bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">




*áÕÄÉÏËÎÉÇÁ mp3 
ëáë âòïóéôø ðéôø
íÙ ÒÁÓÓËÁÖÅÍ ËÁË
ÜÔÏ ÓÄÅÌÁÔØ 
*
*äÌÑ ÐÒÏÓÌÕÛÉ×ÁÎÉÑ ÎÁ mp3
ÐÌÅÅÒÅ ÉÌÉ ËÏÍÐØÀÔÅÒÅ.
÷ÒÅÍÑ Ú×ÕÞÁÎÉÑ: 8 ÞÁÓÏ×
56 ÍÉÎÕÔ*

*éÚÌÅÞÅÎÉÅ ÇÁÒÁÎÔÉÒÏ×ÁÎÏ ÌÀÂÏÍÕ ÞÅÌÏ×ÅËÕ,
ÐÒÉ ÓÏÂÌÀÄÅÎÉÉ ×ÓÅÈ ÐÒÁ×ÉÌ. 
÷ÙÐÏÌÎÉ× ×ÓÅ ÕËÁÚÁÎÉÑ, ÏÎ ÓÍÏÖÅÔ
ÎÅ×ÅÒÏÑÔÎÏ ÂÙÓÔÒÏ ÉÚÂÁ×ÉÔÓÑ ÏÔ
ÁÌËÏÇÏÌØÎÏÊ ÚÁ×ÉÓÉÍÏÓÔÉ. *

*üÆÆÅËÔÉ×ÎÏ:* ÍÅÔÏÄÉËÁ ëÁÒÁ ÉÓÐÏÌØÚÕÅÔÓÑ ×
ÄÅÓÑÔËÁÈ ËÌÉÎÉË ÐÏ ×ÓÅÍÕ ÍÉÒÕ.

*ðÒÏÓÔÏ:* ÎÅ ÔÒÅÂÕÅÔÓÑ ÚÁÍÅÎÉÔÅÌÅÊ ÁÌËÏÇÏÌÑ É
ÎÉËÏÔÉÎÁ.

*ðÒÁËÔÉÞÎÏ:* ÎÉËÁËÏÇÏ ÚÁÐÕÇÉ×ÁÎÉÑ, ÎÉËÁËÉÈ
ÎÏÔÁÃÉÊ, ÎÉËÁËÏÇÏ ÓÐÅÃÉÁÌØÎÏÇÏ ÌÅÞÅÎÉÑ.

*òÅÚÕÌØÔÁÔÉ×ÎÏ:* ÎÏ×ÏÅ, ÎÉ Ó ÞÅÍ ÎÅ ÓÒÁ×ÎÉÍÏÅ
ÏÝÕÝÅÎÉÅ Ó×ÏÂÏÄÙ.

*ðÒÏ×ÅÒÅÎÏ:* ÂÌÁÇÏÄÁÒÑ ÍÅÔÏÄÉËÅ áÌÅÎÁ ëÁÒÁ
ÄÅÓÑÔËÉ ÔÙÓÑÞ ÌÀÄÅÊ ÏÓ×ÏÂÏÄÉÌÉÓØ ÏÔ
ÎÉËÏÔÉÎÏ×ÏÊ É ÁÌËÏÇÏÌØÎÏÊ ÚÁ×ÉÓÉÍÏÓÔÉ.

*ãåîá: 3000
òõâìåê

ìàâùå óðïóïâù
ïðìáôù:
- îÁÌÏÖÅÎÎÙÊ ÐÌÁÔÅÖ.
- âÁÎËÏ×ÓËÉÊ ÐÅÒÅ×ÏÄ ÄÌÑ ÀÒ. ÌÉÃ.
- WebMoney É ñÎÄÅËÓ.äÅÎØÇÉ 
- îÁÌÉÞÎÙÅ ÞÅÒÅÚ ËÕÒØÅÒÁ ÉÌÉ ×
ÏÆÉÓÅ.

ëïîôáëôù:
ôåìåæïîù: (495)771_01_5,
(495)585 69 60
ICQ: 419643 027, 397-09-5807
EMAIL: [email protected]
*



------------DA3E5BD3E5B679--
_____________________________

Thank you for your help.


----------



## lunarlander (Sep 22, 2007)

Change your email password.


----------



## Billyd65 (Apr 2, 2008)

Looks like someone in Bulgaria has spoofed your e-mail address. Contact info:

ADMINISTRATIVE CONTACT:
Rosen Velikov
[email protected]
Evo Ltd.
34 Makedonia str., Gorna Oriahovica
gr.GORNA ORYAHOVITSA, N/A
BULGARIA
tel: +359 618 64210
fax: 
NIC handle: RV18-BGNIC

And based on the date and time stamp on the messages they may be able to find out who the culprit is.


----------

