On 13/10/15 00:57, Florian Pelgrim wrote:
>> (2) Someone sent out a bunch of SPAM, spoofing my e-mail address
>> as the sender, and the delivery failures came to me.
>>
>> How can I tell which is the case, and if it's (2), is there anything
>> I can do to defend myself against this sort of thing in the future?
> You could check the header of one email you know you sent and one of the
> others.
> I guess what you are getting is simple backscatter spam like in (2) you
> described.

I'd check the backscatter case, as this requires no skill on the part of the attacker and is the most likely case.

I've been on the receiving end of a backscatter deluge before. Not fun. I actually harvested the offending hosts and used the emails as evidence of spam activity to have the site brought down.

I found there were 6 machines sending the crap, WHOIS look-ups were performed, and emails written to those six hosts with samples of the bounces provided, along with the host hosting the website concerned.

The dead give-away was that the initial "Received" header did not match any of my hosts. In fact, all they had done was put my address in the Return-Path.

It's worth knowing how to read the headers of emails in this circumstance as it can give you vital information for knowing what is going on.

-- 
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.
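The header check described in the message above, as an added example that is not part of the original post: it pulls the bounced message out of a delivery failure report and compares the initial "Received" hop and the Return-Path against your own hosts and address. The sample bounce, host names, addresses and function names are all constructed for illustration.

```python
import email
import re
from email import policy

# Constructed sample bounce (DSN); every host and address here is made up.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.com
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@example.com failed.
--b1
Content-Type: message/rfc822

Return-Path: <me@example.org>
Received: from bulk7.example.net (bulk7.example.net [198.51.100.7])
 by mx.example.com with ESMTP id 4F2A; Mon, 12 Oct 2015 23:10:00 +0000

body
--b1--
"""

def embedded_original(bounce):
    """Return the bounced message, or just its headers, carried in the DSN."""
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def initial_hop(msg):
    """Names and IPs in the bottom-most Received header, i.e. the first hop."""
    received = msg.get_all("Received") or [""]
    first = " ".join(str(received[-1]).split()).lower()
    return set(re.findall(r"(?:\b(?:from|by)\s+|\[)([a-z0-9.:-]+)", first))

def classify_bounce(raw, my_hosts, my_address):
    """Backscatter: first hop is not one of my hosts, yet Return-Path is me."""
    original = embedded_original(email.message_from_string(raw, policy=policy.default))
    if original is None:
        return "unknown"  # the bounce did not include the original headers
    if initial_hop(original) & {h.lower() for h in my_hosts}:
        return "sent-via-my-hosts"
    if my_address.lower() in str(original.get("Return-Path", "")).lower():
        return "backscatter"
    return "unknown"
```

Received lines below the first relay you trust are written by whoever injected the message, so a mismatch with your hosts is strong evidence of backscatter while a match on its own is weaker evidence that you sent it.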