November 12, 2004

Am I an unwitting spammer? Curious George: I received a strange email and now I'm worried someone is using my domain to spam people. Help!

This is the email in question, which I got this morning:

Date: 11/11/2004 19:01:47 -0500
From: MAILER-DAEMON@prodigy.net
To:
Subject: Returned mail: HEY! User's mailbox is full: Unable to deliver mail.
I use andrew@thenameofmydomain.co.uk and the ted email address doesn't exist. (For the record, that's not my domain name, but I don't want to self-link. You get the idea.) I did a Google search for MAILER-DAEMON@prodigy.net and an awful lot of sites about spam were returned, but I didn't really understand what any of them meant. Now I'm paranoid that someone has hijacked my email account and is using it to send lots of spam to people like poor old bill@someotherdomain.net, whose inbox is full of the stuff. Am I paranoid? Or am I right to worry?
  • They probably didn't hijack it, they probably just forged it. It happens. There really isn't much you can do about it. Eventually the spammers will move on to forging a different address.
  • You are definitely right to worry - my email address was being used by spammers earlier this year - it started with one or two MAILER-DAEMON messages a week, then ramped up to about 15 a day. I tried contacting Yahoo about the problem and never heard anything from them. After two months I started having to decipher a scrambled word every time I sent an email out - but I'm not sure if there was actually a connection to the spam - shortly after that the MAILER-DAEMON emails subsided.
  • Yeah, what jccalhoun said - as in there isn't anything you can do about it - but it is a frustrating experience, particularly if your domain name is connected to a business - not exactly the type of attention you are most likely going for...
  • jccalhoun is right - the spammers have forged your email address so that it appears that their spam has been sent from your domain. Happens all the time. (Believe me - I used to fix this stuff for a living.) You may want to contact your hosting provider and forward them a copy of one of these emails. They won't be able to do anything about it, but it will officially put your complaint ("Some spammer is forging my address!") on file. Then if one of the spam victims mistakenly complains that you're spamming them, you have a paper trail/explanation to fall back on. (Most hosting providers would just tell the complainant "The spammer forged that address; get over it." But depending on what tech gets the inbound complaint, your mail server could get shut down as a wrist-slap. If this happens, call tech support and immediately ask to speak to a manager. No phone monkey will have the authority to turn your server back on, but a manager will, and if your complaint is already on record, it will greatly speed the server-turning-back-on process.)
  • And what a22lamia said - you're about to get a whole truckload of bounce messages, so keep a close eye on your mail accounts, lest they clog up and stop working.
  • Thanks all. I did what mechagrue suggested and sent an email to my hosting company and forwarded them the message in question too.
  • Huh. I have received messages like those, too. I just went "la la la..." and erased them. *blush* The obvious usually escapes me, though.
  • they should have called it MAILER-DEMON what the hell's a MAILER-DAEMON anyway?
  • My sister has been getting viruses sent from my email address for a few weeks now - it's like everyone says, someone's spoofed my address and there's nothing you can do. It took a wee bit of explaining to my sister, though, that the virus emails aren't from me, and now when I send her mail I put a very specific subject, since the spoofed ones are "Re: Hi!" or "Thanks!", which I never write anyways. :)
  • I get dozens of those a day. I did email my ISP at first and they said that it's nothing to worry about and there is nothing that can be done about it.
  • I hate when I get emails similar to the one afx237vi pasted above, and the message that I purportedly tried to send contains links to obscene sites.
  • It looks like you have your domain set up with a 'catch-all' e-mail account, which forwards any mail @yourdomain.co.uk to you. MAILER-DAEMON is just the name of an automated process in Unix parlance, for the program (daemon) which handles mail. A valid (but unlikely) option is that yes, you actually are sending out spam unwittingly. Go to abuse.net and use their mail relay testing service to make sure your server is secure (i.e., can't be used by spammers to send mail). If your mail server is secure, and spammers are just forging their from-line to bounce to you, the only other thing I recommend is turning off the catch-all address and only setting up specific, known addresses to be used. (This will only reduce the number of bounces which end up in your Inbox.) One last thing: some ISPs will add your domain to their RBL (Realtime Blackhole List) if the volume of your apparent 'spam' gets high enough. You'll know when this has happened, because you start getting bounces from friends' and associates' e-mail addresses which you know are working. :)
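The relay test the comment above points at works by holding a short SMTP conversation: claim to be an outside sender, ask the server to accept a recipient at another outside domain, and see whether it says yes. The block below is an added example (not from the thread, and not abuse.net's tool) that drives that dialogue; `ScriptedServer` is a constructed stand-in so the exchange can be exercised offline, and every host name and address in it is an assumed placeholder. Only point `probe_host()` at a server you are responsible for.

```python
"""Check whether a mail server will relay for strangers (an "open relay").

Added example, not from the original thread or from abuse.net.  It mirrors
the core of a relay test: greet the server, offer MAIL FROM at one outside
domain and RCPT TO at another, and watch the reply to RCPT.  A secure server
refuses with a 5xx code; an open relay answers 250.  The probe stops before
DATA and sends QUIT, so nothing is ever queued even on an open relay.
All host names and addresses here are assumed placeholders.
"""
import socket

PROBE_SENDER = "relaytest@probe-sender.example"      # assumed placeholder
PROBE_RECIPIENT = "relaytest@probe-target.example"   # assumed placeholder


def read_reply(rfile):
    """Read one SMTP reply; '250-...' lines continue a multi-line reply."""
    while True:
        line = rfile.readline()
        if not line:
            raise ConnectionError("server closed the connection")
        if len(line) >= 4 and line[3] != "-":
            return int(line[:3])


def send(rfile, wfile, command):
    wfile.write(command + "\r\n")
    wfile.flush()
    return read_reply(rfile)


def relay_probe(rfile, wfile, helo_name="probe.example"):
    """Drive the dialogue over any readline()/write() pair.

    Returns 'open', 'closed', or 'unreachable' (rejected before RCPT TO)."""
    if read_reply(rfile) != 220:
        return "unreachable"
    if send(rfile, wfile, f"EHLO {helo_name}") != 250:
        return "unreachable"
    if send(rfile, wfile, f"MAIL FROM:<{PROBE_SENDER}>") != 250:
        send(rfile, wfile, "QUIT")
        return "closed"          # refusing outside senders also blocks relaying
    code = send(rfile, wfile, f"RCPT TO:<{PROBE_RECIPIENT}>")
    send(rfile, wfile, "QUIT")   # never DATA: nothing is relayed either way
    return "open" if code == 250 else "closed"


def probe_host(host, port=25, timeout=15):
    """Run the probe against a live server (needs network access)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        rfile = sock.makefile("r", encoding="ascii", errors="replace", newline="")
        wfile = sock.makefile("w", encoding="ascii", newline="")
        return relay_probe(rfile, wfile)


class ScriptedServer:
    """Constructed offline stand-in for an MTA; relays=True imitates an open relay."""

    def __init__(self, relays):
        self.relays = relays
        self.pending = ["220 mx.example ESMTP ready\r\n"]
        self.received = []           # every command the probe sent, for inspection

    def readline(self):
        return self.pending.pop(0) if self.pending else ""

    def write(self, data):
        command = data.strip()
        self.received.append(command)
        verb = command.split()[0].split(":")[0].upper()
        if verb == "EHLO":
            self.pending += ["250-mx.example\r\n", "250 SIZE 10240000\r\n"]
        elif verb == "MAIL":
            self.pending.append("250 2.1.0 Ok\r\n")
        elif verb == "RCPT":
            self.pending.append("250 2.1.5 Ok\r\n" if self.relays
                                else "554 5.7.1 Relay access denied\r\n")
        elif verb == "QUIT":
            self.pending.append("221 2.0.0 Bye\r\n")
        else:
            self.pending.append("502 5.5.2 Command not implemented\r\n")

    def flush(self):
        pass


if __name__ == "__main__":
    for relays in (False, True):
        server = ScriptedServer(relays)
        print("open relay" if relays else "secure", "->", relay_probe(server, server))
```

Real relay testers try many sender/recipient spellings (bare user names, source-routed addresses, your own domain in the HELO) because old MTAs applied their relay rules inconsistently; the single MAIL/RCPT pair above is the shape of each of those attempts, and the important property is that it quits before DATA, so a positive result never actually delivers anything.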
  • Tracicle, if people from your address book are getting spam from you, there's an immensely good chance that your computer is infected with a virus. There's a slightly lower chance that someone with both your address and your sister's address has an infected computer - a parent or relative would be the most likely culprit. (If random people are getting spam from someone@yourdomainname.com, it means that spammers are spoofing your address.) If you use Windows, but don't have recently-updated antivirus software (as in, updated in the last week or less), run your computer through a free online virus scan. McAfee has a good one. Then email everyone in your address book who would also have your sister's address, and tell them to do the same, post-haste.
  • I feel the peculiar urge to explain further, in case anyone's curious. There are two things happening in this thread:
    1. Spammers buy software that automatically generates and churns out spam. They also buy CDs filled with harvested addresses. Spam-generating software is pretty sophisticated stuff. The latest generation will read the CD of harvested addresses, and use some of them in forged "from" headers, and put the others in the "to" address. Usually what happens is that the software will just take the domain name of a random address, and automatically generate a user name. Say alice@alice.com and bob@bob.com are both unfortunate enough to have gotten onto one of these spam CDs. The spam software plucks alice's address, randomizes the user name, uses this in its forged header, and poof: bob@bob.com receives an herbal Viagra offer from charlie@alice.com. Next, bob@bob.com - not knowing of this magical software - reads the "from" address and assumes that this jerk charlie@alice.com is sending out spam. Filled with perfectly understandable outrage, Bob forwards the spam to Alice's hosting provider, and gets her account temporarily shut down. Meanwhile, Alice is panicking under an onslaught of bounced spam messages, because about half the addresses on the spammer's CD are invalid. Her first thought is probably that someone's hacked an account "charlie@alice.com" and is using it to send spam.
    2. Alice's computer is infected with a virus. The virus seeks out an address book on her hard drive (usually an Outlook or Outlook Express address book, although other programs are vulnerable to this sort of thing). Having harvested all the email addresses from Alice's address book, the virus kicks back and starts secretly sending out copies of itself to everyone in Alice's address book. Some viruses will perform the same trick with the address book that spam-generating software does with the CD. If it finds bob@bob.com and charlie@charlie.com in Alice's address book, it will send email to Charlie which appears to have come from Bob, and vice versa.
    The big difference between #1 and #2 is what's being sent. If people are getting spam with your name on it, it's probably due to #1. However, if people are getting viruses, it's almost certainly #2. There are other possibilities, of course, but currently these two are the most likely, so far as I know.
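The forged-"from" scenario explained in the comment above, and the "is my server secure or just forged" question raised earlier in the thread, can both be settled from the bounce itself: a bounce carries the headers of the message it is returning, and each server that handled that message prepended a `Received:` line of the form `from HELO-NAME (reverse-dns [ip]) by THAT-SERVER`. The HELO name is whatever the sending machine claimed, so a spammer forging you will happily put your domain there; the reverse DNS and bracketed IP were recorded by the receiving server and are what to compare against your own outbound hosts. The block below is an added example, not code from the thread; the domain, host names, IPs and the two sample bounces are constructed placeholders (the forged one mirrors the poster's "ted@" bounce). One caveat: `Received:` lines beneath the receiving MX's own stamp can also be forged, so treat the verdict as a hypothesis to confirm against your own mail logs.

```python
"""Tell backscatter (our address forged by a spammer) from a bounce of mail
that really left our server.  Added example, not part of the thread; all
hosts, addresses and sample messages are constructed placeholders.
"""
import email
import email.policy
import email.utils
import re

OUR_DOMAIN = "thenameofmydomain.co.uk"                       # assumed
OUR_OUTBOUND = {"mail.thenameofmydomain.co.uk", "203.0.113.10"}  # assumed

# "from HELO (rdns [ip]) ... by HOST"; rdns is optional, HELO is untrusted.
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[\w.\-]+)\s+)?\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r".*?\bby\s+(?P<by>[\w.\-]+)",
    re.DOTALL,
)


def returned_message(bounce):
    """Return the original message (or its headers) embedded in a bounce, else None."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=email.policy.default)
    return None


def parse_hop(received):
    """Pull HELO name, reverse DNS, IP and receiving host out of one Received: line."""
    m = RECEIVED_RE.search(received)
    return m.groupdict() if m else None


def classify_bounce(raw):
    bounce = email.message_from_string(raw, policy=email.policy.default)
    original = returned_message(bounce)
    if original is None:
        return {"verdict": "unknown", "reason": "no copy of the original message"}
    _, sender = email.utils.parseaddr(str(original.get("From", "")))
    hops = [h for h in map(parse_hop, original.get_all("Received", [])) if h]
    # Headers are prepended, so hops[0] is the latest hop and hops[-1] the earliest.
    for hop in hops:
        if hop["by"] in OUR_OUTBOUND:
            continue            # a hop inside our own network (or one a spammer faked)
        if hop["ip"] in OUR_OUTBOUND or hop["rdns"] in OUR_OUTBOUND:
            return {"verdict": "sent-through-our-server", "from": sender,
                    "evidence": f"{hop['by']} took it from our host {hop['ip']}"}
    if hops and sender.endswith("@" + OUR_DOMAIN):
        first = hops[-1]
        return {"verdict": "forged-backscatter", "from": sender,
                "evidence": (f"{first['by']} took it from {first['ip']} "
                             f"({first['rdns']}) claiming HELO {first['helo']}")}
    return {"verdict": "unknown", "from": sender, "reason": "no usable Received: lines"}


# Constructed sample: a spammer at 192.0.2.77 said HELO with our domain name.
BACKSCATTER_SAMPLE = """\
From: MAILER-DAEMON@mx.someotherdomain.net
To: ted@thenameofmydomain.co.uk
Subject: Returned mail: HEY! User's mailbox is full: Unable to deliver mail.
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="B1"

--B1
Content-Type: text/plain

The following message could not be delivered: mailbox full.
--B1
Content-Type: message/rfc822

Received: from mx.someotherdomain.net (mx.someotherdomain.net [198.51.100.5]) by mbox.someotherdomain.net with ESMTP; Thu, 11 Nov 2004 19:01:45 -0500
Received: from thenameofmydomain.co.uk (dsl-74-2.badisp.example [192.0.2.77]) by mx.someotherdomain.net with SMTP; Thu, 11 Nov 2004 19:01:40 -0500
From: ted@thenameofmydomain.co.uk
To: bill@someotherdomain.net
Subject: HEY!

buy cheap pills
--B1--
"""

# Constructed sample: the same bounce, but the mail really left our server.
GENUINE_SAMPLE = BACKSCATTER_SAMPLE.replace(
    "from thenameofmydomain.co.uk (dsl-74-2.badisp.example [192.0.2.77])",
    "from mail.thenameofmydomain.co.uk (mail.thenameofmydomain.co.uk [203.0.113.10])",
).replace("From: ted@", "From: andrew@")

if __name__ == "__main__":
    for raw in (BACKSCATTER_SAMPLE, GENUINE_SAMPLE):
        print(classify_bounce(raw))
```

In the forged sample the HELO name is our domain, which is exactly what a casual reading of the headers (or an angry recipient) latches onto, but the receiving MX recorded `dsl-74-2.badisp.example [192.0.2.77]`, which is not ours. In the genuine sample the foreign MX recorded our outbound host, so the next step is to look at that host's own logs for a compromised account, an infected client or an open relay.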
  • Good point, mechagrue. I use a Mac and gmail, so I doubt I'd have a virus, but my parents' and my mother's work computer are prone to viruses. And, due to my pregnancy-addled mind, I'd forgotten that my mother was recently complaining that her emails weren't getting by my sister's virus checker either. I just remembered now.