weired e-mail advice pls

Tattooed

Tattooed

Tattooed

Associate
Joined
14 Aug 2003
Posts
1,984
Location
cyberspace
Recevied this e-mail today.


Recevied this very strange e-mail today-

Hi. This is the qmail-send program at fazenda.sp.gov.br.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

*Atencao: Esta eh uma mensagem automatica*

_Ocorreu um erro ao enviar a sua mensagem ao destinatario pretendido_

As causas mais comuns sao erros na digitacao do endereco do destinatario ou
a caixa postal do destinatario se encontra cheia.
Se voce enviou a mensagem para um grupo/lista de mensagens, possivelmente
muitos membros deste grupo/lista de mensagens receberam sua mensagem e os
enderecos abaixo listados sao os unicos que nao receberam sua mensagem.

Qualquer duvida, envie uma mensagem para o endereco [email protected]
com uma copia desta mensagem de retorno.

A mensagem anexa esta truncada em 2048 bytes.

Abaixo estao listados os enderecos que nao receberam sua mensagem
seguidos da mensagem de erro, bem como uma copia da mensagem enviada
por voce:

<[email protected]>:
172.16.33.1 failed after I sent the message.
Remote host said: 550 Denied by policy.

--- Below this line is a copy of the message.

Return-Path: <>
Received: (qmail 32666 invoked from network); 4 Sep 2007 07:16:11 -0000
Received: from h24-207-68-71.dlt.dccnet.com ([24.207.68.71])
(envelope-sender <>)
by mx02.fazenda.sp.gov.br (qmail-ldap-1.03) with SMTP
for <[email protected]>; 4 Sep 2007 07:16:11 -0000
Received: from QVFKPI ([10.91.90.25])
by h24-207-68-71.dlt.dccnet.com (8.13.4/8.13.4) with SMTP id q5703692678258h4Yw016548
for <[email protected]>; Tue, 04 Sep 2007 00:17:53 -0800 (CDT)
(envelope-from tattooed)
Message-ID: <02c401c7eec3$b5b5c350$4744cf18@QVFKPI>
From: tattooed
To: <[email protected]>
Subject: carelessly razor blade
Date: Tue, 04 Sep 2007 00:17:05 -0800
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_02C1_01C7EE89.09207200";
type="multipart/alternative"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138

This is a multi-part message in MIME format.

------=_NextPart_000_02C1_01C7EE89.09207200
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_02C2_01C7EE89.09207200"


------=_NextPart_001_02C2_01C7EE89.09207200
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

hdii jobb
yboo rwfo
vajs
------=_NextPart_001_02C2_01C7EE89.09207200
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><H=
EAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dis=
o-8859-1">
<META content=3D"MSHTML 6.00.6000.16525" name=3DGENERATOR>
=
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV>qivven aaejnsde=
nr kgpych
<IMG src=3D"
cid:02c401c7eec3$b5b5c350$4744cf18@QVFKPI"><BR>

obmi
kkok mirvajn
</DIV></BODY></HTML>


------=_NextPart_001_02C2_01C7EE89.09207200--

------=_NextPart_000_02C1_01C7EE89.09207200
Cont

--- End of message stripped.
Reply With Quote
 
Here's one I got earlier.

Dear ,

I am Moses Mensah, the only son of late Dr Andrew Mensah who exports crude oil and gold gems abroad. He died as a result of brief illness,but before his death,he called my attention beside his sick bed and gave me some informations with a document covering $10million (in one trunk treasure box)which he deposited in my name as a next of kin,in a private security treasure office in Dublin Ireland.

I am only 22years,i do not have any experience of handling/investing such an amount.Therefore,I humbly seek for your consent to assist me claim this treasure from the private security treasure office in Dublin Ireland,and help invest it properly in your country.

You will take 30% of the total sum for your assistance,while 5% is for any expenses that may incure during the claim,Then you will keep 65% for me in your account.

For your information: The private security treasure office in Dublin Ireland do not know that the content of the treasure is cash($10million).The security office doesn't safe keep cash.If they know that the content of the treasure is cash,They wouldn't have accepted the safe keeping of the treasure,because it is not their policy to safe keep cash of any kind.

Please i am looking forward to hearing from you,so as to give you the contacts of the security treasure office in Dublin Ireland,for you to contact them and arrange for the release of the consignment with them.

Thanks and God bless,

Yours faithfully,

Moses Mensah.
Click to expand...
What should I do?
 
I think he's just looking for an explaination, as to what the email is and why he received it.

It obviously seems to have no purpose, but as it refers to failing to deliver a message, perhaps the OP is worried that someone/something has been trying to send strange emails from his account.

Anyway, I'll stop speculating on why the OP posted.

Tattooed, if it helps, it just looks like random spam that you get from time to time. Not all spam has a 'purpose' (ie not all spam tries to sell you something, or tries to phish/scam you). Just delete it and forget about it :)
 
I always want to try and follow these up just to see how far it will go before they ask for personal details etc.

It could be like Dave Gormans Googlewhack Adventure...."JBs Spamapade"!
 
Tattooed said:
Sorry I have not made my sekf very clear- someone used my e-mail address to post that message.
Click to expand...

Can you explain this a bit clearer?

How do you know someone used your email address?

Did that email just 'randomly' arrive in your inbox? If so it's almost certainly just spam. Just because it mentions 'failed delivery', doesn't actually mean you (or someone else) tried to send anything from your account.
 
It is one of 2 things!

1) Some spammer has your email address on their list (almost a guarantee and nothing to worry about), they then send out a spam email to a whole list of people and use your email address as the from address, the ones that get through do and the ones that dont bounce back to you like this one.

Nothing you can do and nothing you have to worry about too much.

2) You have a virus that is sending out spam mails on behalf of a virus writer/spammer. Make sure you AV protection is up to date and run a full scan, then scan with an online scanner such as Panda Active Scan.

If nothing shows up then the first option is true, delete it and carry on!

Hope this helps!
 
div0 said:
Can you explain this a bit clearer?

How do you know someone used your email address?

Did that email just 'randomly' arrive in your inbox? If so it's almost certainly just spam. Just because it mentions 'failed delivery', doesn't actually mean you (or someone else) tried to send anything from your account.
Click to expand...

Dont have to send it from your account ever heard of spoofing

If not ; http://en.wikipedia.org/wiki/Email_spoofing
 
ste_bla said:
Dont have to send it from your account ever heard of spoofing
Click to expand...

Of course I have :rolleyes: Did you even read my post?

Tattooed said:
Sorry I have not made my sekf very clear- someone used my e-mail address to post that message.
Click to expand...

div0 said:
Can you explain this a bit clearer?

How do you know someone used your email address?

Did that email just 'randomly' arrive in your inbox? If so it's almost certainly just spam. Just because it mentions 'failed delivery', doesn't actually mean you (or someone else) tried to send anything from your account.
Click to expand...

I asked him why he thought someone had posted from his email address, I was trying to clarify whether he had omitted some information about how the email came about, or whether (as you suggested) it had come about because of some spammer spoofing his email.
 
Hi,
Thanks for the replies:) I recevied the e-mail in my inbox today. We I looked at the address- it looked like I had posted it.
 
i was getting a ridiculous amount of this spam a couple of weeks ago
like 50+ a day, but it's ceased now, guess my spam filter got tightened
they're basically checking whether your email address is real, if you reply (there's normally a for more information contact email) then they know it's real and can target you more intensively. it is unlikely to be a result of a virus, but always worth checking, and i'd run spybot s+d as well
 
Tattooed said:
Hi,
The reply e-mail address is my e-mail address.
Click to expand...
Easily done. Spam often has false information in the headers, particularly the reply-to address.

Say you're a spammer. You send out 20 million emails hawking your website selling penis enlargement pills, or whatever.

You use a zombienet to do it, in part because you don't want it traced to you. Besides, you don't want a million people emailing you to complain about the spam and another two million automated emails from mail daemons for email that can't be delivered for various reasons (for example, many emails on cheap spam email lists aren't current email address).

So you obviously wouldn't put your real email address as the reply-to email address. You put someone else's email address in there instead. Bulk mailing software will make that easy. A straightforward method is to take the first email address from your spam mailing list and put that as the reply-to address for every one of the 20 million emails you send out, then have a laugh at the thought of that person receiving those 3 million emails.

I once had to move ISPs because I was getting ~500 emails an hour for that reason. I made filters to delete them, but those only applied in my client when I downloaded the email. My ISP only allowed me 1000 emails, so my email box on their server filled within 2 hours.

On the other hand, it's possible that the email was sent from your machine because it's been compromised and is part of a zombienet.
 
Thanks for the reply. Is there any way to trace where the e-mail came from?

Also is it possible to trace ip address?
 
Tattooed said:
Thanks for the reply. Is there any way to trace where the e-mail came from?

Also is it possible to trace ip address?
Click to expand...
To an extent. When I was getting 500+ spam an hour, I traced the original spammer to somwhere in Russia. Which is as useful as a chocolate teapot. Even if I traced it more precisely, what would be the point? Besides, chances are that you could only trace as far back as the ISP for a machine in a zombienet.

As long as your machine isn't compromised, there is nothing useful you can do. So check it for viruses and rootkits, keep your firewall up and hope you don't get deluged.
 
You really have to be careful to who you give your personal email address to.

I always have a hotmail, yahoo or other account when surfing for newsletters or other.

A lot of people get infected through numbnuts at the workplace

KEEP THE TWO SEPERATE - i get so many 419 Nigerian scams on my ghost email account.

By The Way - If you want to hear stories of the 419 scammers getting their due's.....check out http://www.419eater.com/

or utube '419' :)
 
You must log in or register to reply here.
Back
Top Bottom