# Solved: Outlook Test Message sent automatically



## jt1001 (Nov 28, 2007)

I received two "Microsoft Office Outlook Test Message" e-mails which read "This is an e-mail message sent automatically by Microsoft Office Outlook's Account Manager while testing the settings for your POP3 account." This was sent overnight, automatically.

I know that this message is normally sent when I set up the account, but I have had this account for some time now, and it was sent when I not at my computer. Is someone trying to hack into my system?

Using:
Outlook 2002 SP3
Windows XP Home Edition, Version 2002, SP2
Dell Dimension 8400

Thank you!


----------



## kimsland (Oct 22, 2007)

Maybe an update from your ISP ?


----------



## jt1001 (Nov 28, 2007)

I don't think it could be the ISP. I have Verizon, and I've never used the e-mail address they gave me. I have a third party e-mail account (using Netidentity) which I check using the Pop 3 server via Outlook.


----------



## kimsland (Oct 22, 2007)

If you still have the message
You will need to check the headers (right click properties) to see where it came from 
Likely from your account - but just in case check

Because you are not using your normal ISP email account, I wonder if they sent you a reset command (because they noticed no email activity)

Anyway does not sound like a hacking issue


----------



## jt1001 (Nov 28, 2007)

I checked the header - it does seem to come from me, which is why I thought maybe someone try to take over my computer. Don't think the ISP thing would be it - they don't even have this e-mail address, and in 8 years with them they've never sent or reset anything I know about. 

I'm glad it doesn't sound like a hacking issue. I'll take a short sigh of relief  I do appreciate your help!


----------



## kimsland (Oct 22, 2007)

On the other hand !!

Lets say you had a dialUp account, and someone setup your username and your password on Their machine, they would recieve the new test email (unless you got it first - ie it's only sent once)
And because your computer was online you may have got the email before they did.

I would suggest that you change all email account passwords immediately

This will need to be done in your Internet and Mail settings (for both accounts)
Otherwise you may be getting some strange usuage statistics.

This is still not exactly hacking your computer - except maybe hacking your password

If you have not given out your password to anyone (or have an easy password (the original mail one that is) Then you may wish to invest in an Internet security firewall and also do All Windows security updates.

I would do all that (privacy is nearly obsolete in this world -but I'm hanging on)


----------



## kimsland (Oct 22, 2007)

You haven't replied back, does this mean you changed your passwords and now you can't read you mail ?
This question is retorical !


----------



## jt1001 (Nov 28, 2007)

I was out for a while. 

That is a great idea - thank you! I'm going to change the passwords now. 

I do use windows firewall and avast virus (and everything is on auto update). Is there another firewall you recommend?


----------



## jt1001 (Nov 28, 2007)

OK...so I analyzed the headers a little bit more. I compared header to an e-mail I sent to myself and found a discrepancy in the "Received" line.

Known e-mail header:
Received: from jt (pool-71-106-178-20.lsanca.dsl-w.verizon.net [71.106.178.20])
(Authenticated sender: [email protected])
by sc1-out06.emaildefenseservice.com (Postfix) with ESMTP
for <[email protected]>; Wed, 28 Nov 2007 18:41:44 +0000 (UTC)

Suspect header:
Received: from TORCC006 (unknown [10.0.63.29])
(Authenticated sender: [email protected])
by sc1-out01.emaildefenseservice.com (Postfix) with ESMTP
for <[email protected]>; Tue, 27 Nov 2007 14:54:57 +0000 (UTC)

It appears to be from an unknown IP address, though still authenticated as me. Any ideas?

Thanks!


----------



## kimsland (Oct 22, 2007)

OK this time I was out for a while

Anyway in relation to "unknown [10.0.63.29" IP address; this seems to be your modem IP address. So it's still ok, you can check any IP here http://ws.arin.net/whois/ but normally it just creates more confusion. ie your ISP may be in another country.

In relation to Internet Security (there may be more replies from others here) but if it were up to me I would suggest Kaspersky Internet Security http://www.kaspersky.com/kaspersky_...www.kaspersky.com/kaspersky_internet_security
And that's it (I need to mention that it is a personnal choice - but only because I have to !)

If you believe this thread is Solved, please mark as Solved in Thread Tools above (you are the only one who can do this)

Kim


----------



## TheOutcaste (Aug 8, 2007)

A 10.X.X.X address is a private non-routeable address. You will sometimes see them in traceroutes as some routers will respond with their private IP address instead of the public IP.

While that might be your DSL modems private IP address, considering the test messages you received, it's more likely that someone has set themselves up to monitor your email. All they have to do is set the client to leave mail on server. I would immediately change your password AND your secret question if they use one, or any other info for automatic password resetting.

Then, contact your Email Provider and see if they can provide a log of accesses to your account. You can see if your account is being accessed when you know it wasn't you. If their logs are detailed enough, it may pinpoint where the access is coming from. If they see an access that doesn't come from the verizon network, followed a few minutes later by one that does (you at home) then something is definitely fishy. And if it shows the Leave mail on Server option is being used and you don't use that option, that would be a dead giveaway that someone has hacked your email account.

HTH

Jerry


----------



## jt1001 (Nov 28, 2007)

Thank you for this answer. I have notified my e-mail provider. Hopefully they will have the logs that can help track this down. And I've changed all my passwords. 

Thank you!
JT


----------

