Some kind of Mail Bot

Hi, I have recently started recieveing 40-50 Failure to Deliver mail messages a day.

I use Windows Live Mail and have an MSN account and an account that is linked to my own domain (ABComputers.org.uk) hosted by my ISP (Plusnet).

The Failure to Deliver notices are only coming into the ABComputers account.

My computer is only about a month old and I sit behind a SmoothWall Firewall Appliance.

I have run through your Cleanup procedure and everything came back completly clean, SAS, SBS&D, Malwarebytes.

Attached are the logs for ComboFix, MalwareBytes ( Full Scan) and MGTools.

Any help would be appreciated.

Thanks Dre...

 

Hello Dre9872,

Your other logs look pretty good to me, as well. I think your probably dealing with more of a software/network issue than a malware one. Your best bet would probably be to make a topic in this forum about your issues with the email.

 

Sorry I forgot to say that I am getting these failure messages when I havn't sent any mail. It is so bad that I logged into my mail today and had 1983 failure notices, I have had to set up another inbox to filter out genuine messages to me.

As the failules are from random names with my domain name, not my name.

 

Hello Dre9872,

Seeing as your logs have come back completely clean as far as I can see for malware, I think there's a more likely scenario that might be in play here.

A spammer is spoofing your email address and doing mass e-mails, which in turn results in all these failed delivery messages back towards you. This happened to me once awhile back, and it lasted for almost a week with hundreds upon hundreds of failure to deliver messages per day. Is changing your email address a possibility you can consider?

 

Well the mesages are being sent from <Randomly generated name>@My Domain

So unless I changed my domain, which is something I don't want to do.

I have semi solved the problem by setting up a new inbox and using a message rule that only passes messages actually addressed to me, rather than all addresses with my domain. This at least saves me from searching through all the mail to find any messages I might want to read.

It seems really silly that someone can send messages with a 'From whoever they like' addresse.

 

It does suck that spammers are this good at causing you loads of misery, but they have been at this for a very long time it seems. I would just try to wait it out, eventually they should move on to a different domain and you should stop getting those returned mail messages.