homepage Welcome to WebmasterWorld Guest from 54.237.78.165
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
Examine these mail headers
Hotmail, weirdest thing I've seen. Well one of them
rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4063124 posted 8:52 pm on Jan 18, 2010 (gmt 0)

I know just enough about email headers to be dangerous. But I usually recognize the vital elements.

This is someone who is a "known" email contact, but haven't heard from her in well over a year. The email content was a ploy to send money, which I find highly unlikely from this person. Unfortunately, she is unreachable, which makes it even more suspicious.

But here's the weirdest thing of all: this email has no "To" to any of my email addresses. It comes from hotmail, all the original IP's in the headers were MS servers, but there's no TO. How did I receive this? Anonymized, but here's the headers . . . .

Received: (qmail 16191 invoked from network); 18 Jan 2010 00:41:05 -0800
Received: from SOME HOTMAIL ID.hotmail.com (SOME HOTMAIL IP ADDRESS)
by MY SERVER IP ADDRESS with SMTP; 18 Jan 2010 00:41:05 -0800
Received: from BAY142-W17 ([SOME HOTMAIL IP ADDRESS]) by SOME HOTMAIL ID.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 18 Jan 2010 00:57:13 -0800
Message-ID: <some-unique-id@phx.gbl>
Return-Path: THE KNOWN HOTMAIL ADDRESS@hotmail.com
X-Originating-IP: [SOME HOTMAIL IP ADDRESS]
From: COMPANY NAME <THE KNOWN HOTMAIL ADDRESS@hotmail.com>
To: <THE KNOWN HOTMAIL ADDRESS@hotmail.com> <!-- Added by bill: HUH? -->
Subject: I NEED YOUR HELP URGENTLY
Date: Mon, 18 Jan 2010 02:57:13 -0600
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 18 Jan 2010 08:57:13.0768 (UTC) FILETIME=[3A466A80:01CA981C]
Content-Type: multipart/mixed; boundary="=======AVGMAIL-00EC72F0======="
Hi,
(mail content follows)

Some "Guesses": Their account hacked? Some weirdness going on at hotmail? Though we have no indication otherwise, have to consider, someone has gained access to our server? Conferred with my admin, he sees no such indication in this email, but just because I'm paranoid doesn't mean they're not after me . . .

 

lammert

WebmasterWorld Senior Member lammert us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4063124 posted 2:41 am on Jan 19, 2010 (gmt 0)

I have received some of these emails last months from friends who used hotmail some years ago. It seems that hackers have found a bunch of hotmail passwords and are now using these accounts to send emails to people in the address book of those hotmail accounts.

It may have something to do with [google.com...]

encyclo

WebmasterWorld Senior Member encyclo us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4063124 posted 2:56 am on Jan 19, 2010 (gmt 0)

Yes, many Hotmail users have had their accounts hacked, with the hackers spamming the people in the accounts' contact lists. This enables the spammers to bypass spam filters more easily. Another aspect is the hackers changing the auto-reply on hacked accounts to "auto-spam" anyone emailing to the hacked account address. The security of your own server would not be affected by any of this.

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4063124 posted 7:10 pm on Jan 19, 2010 (gmt 0)

That's kinda what I thought. I looked through **some** of the links today (and yesterday :-) ) but what fascinates me about this one in particular is how I received it without a to in the headers, or that the to is the hotmail address. Even in an auto-reply it should have a "to."

lammert

WebmasterWorld Senior Member lammert us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4063124 posted 7:27 pm on Jan 19, 2010 (gmt 0)

You are in the BCC: list. That is an easy way to compose one email message and send it to tens of people at once, without any of the recipients knowing that they received a bulk message.

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4063124 posted 7:28 pm on Jan 23, 2010 (gmt 0)

Yes, I'd thought of that, but usually a BCC still has a "to" to the recipient(?)

Does anyone know of a way to report abuse to hotmail? I looked around their site, couldn't find anything, abuse@ returns undelivered.

I did submit a "feedback" to their site, if that's the only avenue, good enough . . . .

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved