Emails from me to me - only they're NOT!
80/20
inbox as from me, but clearly I wouldn't do that so what is going on?
The originating sender is clearly shown as my Wanadoo address, but the
return path is <s...@xzzx.com.cn>.
I've looked on Wanadoo/Orange website and cannot find any info about
this kind of thing happening.
I have also tried to log into my account and it refuses saying "We
didn't recognise your email address or password. Please try again."
Anyone offer any suggestions?
Cheers
Steve
lon
news:1177686523....@o40g2000prh.googlegroups.com...
Contact your ISP and tell them whats happing..
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 000736-2, 26/04/2007
Tested on: 27/04/2007 16:12:35
avast! - copyright (c) 1988-2007 ALWIL Software.
http://www.avast.com
alexd
Bear in mind that anyone can send email "From:" any address they want to,
unless SPF has been implemented. But, the fact that you can't log into your
account does sound a bit suss.
--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)
16:25:17 up 13 days, 20:44, 2 users, load average: 0.41, 0.26, 0.20
Yes. I'm just guessing.
Roger Mills
80/20 <SJW...@googlemail.com> wrote:
This is one of the joys of spam! Spammers will hi-jack your email address
and send out emails which *appear* to come from you. Using your address when
sending *to* you is probably just a device to circumvent any spam detector
you may be using.
I don't understand what you mean about not being able to log on to your
account. You must be able to log on to Wanadoo's POP server - otherwise you
wouldn't know that you had received these emails?
--
Cheers,
Roger
______
Email address maintained for newsgroup use only, and not regularly
monitored.. Messages sent to it may not be read for several weeks.
PLEASE REPLY TO NEWSGROUP!
Charlie Mitchell
Sounds like someone has been using your domain name as the
sent from or reply to address :(
I run www.smoothchristmasradio.com station and over christmas
I kept getting lots of angry replies telling to quit it with
the spam!
Not a lot you can do about it I'm afraid, unfortunatly though
it means your email address ends up on spam filters :(
80/20
SNIPPED
> I don't understand what you mean about not being able to log on to your
> account. You must be able to log on to Wanadoo's POP server - otherwise you
> wouldn't know that you had received these emails?
> --
> Cheers,
> Roger
> ______
Roger,
It's simple I've got more than one Wanadoo account and 'so far' only
one has been affected.
Having more than one allows me to log onto the internet that way.
Cheers
Steve
Gordon Hudson
"alexd" <trof...@hotmail.com> wrote in message
news:5561210.b...@ale.cx...
> 80/20 wrote:
>
>> I am recieving emails to my Wanadoo email address that show up in my
>> inbox as from me, but clearly I wouldn't do that so what is going on?
>> The originating sender is clearly shown as my Wanadoo address, but the
>> return path is <s...@xzzx.com.cn>.
>>
>> I've looked on Wanadoo/Orange website and cannot find any info about
>> this kind of thing happening.
>>
>> I have also tried to log into my account and it refuses saying "We
>> didn't recognise your email address or password. Please try again."
>>
>> Anyone offer any suggestions?
>
> Bear in mind that anyone can send email "From:" any address they want to,
> unless SPF has been implemented.
SPF is just used for scoring emails it does not by itself stop these types
of emails being received.
Colin Wilson
> inbox as from me, but clearly I wouldn't do that so what is going on?
> The originating sender is clearly shown as my Wanadoo address, but the
> return path is <s...@xzzx.com.cn>.
Just a small one - check the headers and you'll find the true source
of the sender, which will almost certainly be a hijacked machine in a
botnet somewhere.
I've got a feeble attempt at describing how email hangs together on my
site at http://www.coreutilities.co.uk/phishing.html (I might even
have a few mistakes in there, i'm open to correction !)
One tiny note - Kaspersky detects the page as potentially malicious,
as I give an example of the displayed link differing from the actual
site it sends you to - it's a false positive and i've informed them,
but it would be hard to filter out "examples" as against true scam
attempts unless they nominated a redirect domain to be used.
> I have also tried to log into my account and it refuses saying "We
> didn't recognise your email address or password. Please try again."
This might just be their authentication server playing up - it
happens...
Dave Fawthrop
|!I am recieving emails to my Wanadoo email address that show up in my
|!inbox as from me, but clearly I wouldn't do that so what is going on?
|!The originating sender is clearly shown as my Wanadoo address, but the
|!return path is <s...@xzzx.com.cn>.
Someone is forging your email address, just a way of disguising the sender.
I get spam from my email address, quite regularly.
Think hard before you killfile yourself.
--
Dave Fawthrop <sf hyphenologist.co.uk> 165 *Free* SF ebooks.
165 Sci Fi books on CDROM, from Project Gutenberg
http://www.gutenberg.org/wiki/Main_Page Completely Free to any
address in the UK. Contact me on the *above* email address.
alexd
>> Bear in mind that anyone can send email "From:" any address they want to,
>> unless SPF has been implemented.
>
> SPF is just used for scoring emails it does not by itself stop these types
> of emails being received.
That would be a detail of the implementation of SPF, not SPF itself.
--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)
21:00:35 up 14 days, 1:20, 2 users, load average: 1.36, 0.81, 0.50
Roger Mills
80/20 <SJW...@googlemail.com> wrote:
> On 27 Apr, 16:47, "Roger Mills" <watt.ty...@googlemail.com> wrote:
> SNIPPED
>> I don't understand what you mean about not being able to log on to
>> your account. You must be able to log on to Wanadoo's POP server -
>> otherwise you wouldn't know that you had received these emails?
>
> Roger,
> It's simple I've got more than one Wanadoo account and 'so far' only
> one has been affected.
> Having more than one allows me to log onto the internet that way.
>
> Cheers
> Steve
It's not actually that simple! You seemed to be suggesting that there was a
connection between your inability to log on and the receipt of these spam
emails. For there to be *any* possibility of a connection (and I don't think
there is, anyway) the problems would have to apply to the *same*
account/email address - not to different ones - so having multiple accounts
is irrelevant.
Tommy
> I am recieving emails to my Wanadoo email address that show up in my
> inbox as from me, but clearly I wouldn't do that so what is going on?
> The originating sender is clearly shown as my Wanadoo address, but the
> return path is <s...@xzzx.com.cn>.
It's a common trick used by spammers to encourage you to open the email,
as you're more likely to notice emails from yourself.
As others have pointed out anyone can put another person's email address
as the sender.
R. Mark Clayton
"80/20" <SJW...@googlemail.com> wrote in message
news:1177686523....@o40g2000prh.googlegroups.com...
This is spoofing.
There was a spate of them some years ago, with unpleasant content.
One or two I should ignore, but a campaign of them suggests a hijack
somewhere.
Mark McIntyre
<SJW...@googlemail.com> wrote:
>I am recieving emails to my Wanadoo email address that show up in my
>inbox as from me, but clearly I wouldn't do that so what is going on?
Forged headers. A common spammers technique to avoid bounces or
complaints being sent to his own address. There's nothing you can do
about this.
>I have also tried to log into my account and it refuses saying "We
>didn't recognise your email address or password. Please try again."
This sounds like a different problem which you need to contaact your
ISP about.
--
Mark McIntyre
Mark Carver
> I have also tried to log into my account and it refuses saying "We
> didn't recognise your email address or password. Please try again."
Via POP3, or via Web mail ?
If the former, then it's probably Orangewanadoofreeserve's problem
A friend got me to look at the same problem. She could read and send her mail
via webmail, but often she could not send and/or receive via POP3. I did some
Googling and it seems to be affecting a number of people. Orange CS seem clueless.
In any case, as others have said, this is a quite separate issue to the spam
problem.
--
Mark
Please replace invalid and invalid with gmx and net to reply.
kora...@gmail.com
> I don't understand what you mean about not being able to log on to your
> account. You must be able to log on to Wanadoo's POP server - otherwise you
> wouldn't know that you had received these emails?
POP is outdated (I haven't used it in over 5 years -- power users use
IMAP. There's nothing POP can do which IMAP can't, but plenty which
only IMAP can do, such as download directly from folders other than
Inbox...
BTW, <http://www.emaildiscussions.com/> is a good web forum for all
aspects of e-mail.
Bob Eager
> On Apr 27, 4:47 pm, "Roger Mills" <watt.ty...@googlemail.com> wrote:
> > I don't understand what you mean about not being able to log on to your
> > account. You must be able to log on to Wanadoo's POP server - otherwise you
> > wouldn't know that you had received these emails?
>
> POP is outdated (I haven't used it in over 5 years -- power users use
> IMAP. There's nothing POP can do which IMAP can't, but plenty which
> only IMAP can do, such as download directly from folders other than
> Inbox...
POP can at least have a proper definition. IMAP is still ill-defined,
which causes no end of problems.
--
[ 7'ism - a condition by which the sufferer experiences an inability
to give concise answers, express reasoned argument or opinion.
Usually accompanied by silly noises and gestures - incurable, early
euthanasia recommended. ]
kora...@gmail.com
> POP can at least have a proper definition. IMAP is still ill-defined,
Nonsense -- see <http://www.imap.org/> and <http://www.isi.edu/in-
notes/rfc3501.txt>; as I've already said, IMAP is well-enough defined
for me (and thousands of others that I know of) to have used it for
the past five years with *no* problems whatsoever.
Also try putting that argument on <http://www.emaildiscussions.com/>
-- if you don't mind having people the world over laugh at your
ignorance. :-)
Jono
>
> One tiny note - Kaspersky detects the page as potentially malicious,
> as I give an example of the displayed link differing from the actual
> site it sends you to - it's a false positive and i've informed them,
> but it would be hard to filter out "examples" as against true scam
> attempts unless they nominated a redirect domain to be used.
Erm, now I've visisted your site, how do I now stop Kaspersky from
advising me repeatedly of the phishing attempt...?
Bob Eager
I'm perfectly aware of the RFC...but I also know some respected email
implementors who despair at the loose definitions.
Colin Wilson
> advising me repeatedly of the phishing attempt...?
Clear the cache (you might have to tell it to disable for 5 minutes
while you do it)
A nice program for cleaning all the caches and crap on your system is
Crap Cleaner (http://www.ccleaner.com)
Jono
Cheers. Yes, I've run ccleaner yet Kaspersky still pops up with:
Quarantine: File C:\Documents and Settings\Jono\Local
Settings\Temporary Internet Files\Content.IE5\FEB9U262\phishing[1].htm:
detected new variant of Trojan program Trojan-Spy.HTML.Fraud.gen
Is this caused by your site, or have I picked up something mailcious?
Colin Wilson
> Quarantine: File C:\Documents and Settings\Jono\Local
> Settings\Temporary Internet Files\Content.IE5\FEB9U262\phishing[1].htm:
> detected new variant of Trojan program Trojan-Spy.HTML.Fraud.gen
> Is this caused by your site, or have I picked up something mailcious?
If you still had IE open at the time CCleaner won't have cleared its'
cache - alternatively, check the settings to make sure it's configured
to clear IEs' cache (which I think it is by default anyway).
I suspect the error _is_ caused by my page - it's a pain in the ass, I
fully acknowledge that, and i've reported it to AOL / Kaspersky - but
other than remove the link from the page and not be able to
demonstrate what I mean i'm stuck for ideas :-}
The other thing you could do is simply tell it to delete the
"problem" - it'll simply remove it from the cache, and should resolve
it for you.
Eeyore
80/20 wrote:
IDIOT !