
I am getting a ton of bounced mails that I did not send.

         

MrSpeed

5:06 pm on Nov 2, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I am getting a ton of 'Undelivered Mail Returned to Sender' and other bounced mail messages.

How do I tell if a spammer is simply using my email address as the from address or if there is a more serious problem like a virus on my computer or server?

I'm sure there are clues in the header but I don't know what I'm looking at and I'm sure it's against the TOS to just post the header.

It looks like a mail header is built from the bottom up in which case it seems like the email was sent from my server. Could it be somebody is just relaying through the server?

jimbeetle

5:24 pm on Nov 2, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



There are a couple of utilities out there where you can paste in the header for a quick analysis. Search for an e-mail header checker, e-mail spam checker, etc.

Then, if you have a form mail script on your site, check to see that it's locked down so the bad folks can't get at it.

Also, it looks like there's another round of virus e-mails. I've been getting 10 to 20 'undeliverable mail' messages a day carrying payloads.
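Added example, not part of any post in this thread: a small Python check for the question above, which reads the Received chain of the message quoted inside a bounce and trusts only the hop stamped by the server that bounced it. The IP address, hostnames and sample bounce are constructed placeholders; `MY_IPS` and the `bouncing_mta` argument are assumptions you would set for your own server and for the host named in the bounce.

```python
import email
import re

MY_IPS = {"192.0.2.10"}  # assumption: the public IP of your own mail/web server

# Constructed sample bounce; every host and address is a placeholder.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: me@example.org
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Recipient address rejected: user unknown.

--b1
Content-Type: message/rfc822

Received: from pc (unknown [203.0.113.77]) by mx.recipient.example; Tue, 2 Nov 2004 16:50:00 +0000
Received: from mail.example.org (mail.example.org [192.0.2.10]) by pc; Tue, 2 Nov 2004 16:49:00 +0000
From: me@example.org
To: nobody@recipient.example
Subject: hello

body
--b1--
"""

def original_received(raw_bounce):
    """Received lines of the message quoted in the bounce, newest hop first."""
    for part in email.message_from_string(raw_bounce).walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0).get_all("Received", [])
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_payload()).get_all("Received", [])
    return []

def classify_bounce(raw_bounce, bouncing_mta, my_ips=MY_IPS):
    """Trust only the hop stamped by the server that bounced the mail."""
    for hop in original_received(raw_bounce):
        by = re.search(r"\bby\s+([\w.-]+)", hop)
        if by and by.group(1).lower() == bouncing_mta.lower():
            peers = set(re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hop))
            # Older (lower) Received lines are supplied by the sender and can be forged.
            return "sent-through-my-server" if peers & my_ips else "forged-sender-backscatter"
    return "no-trusted-hop"
```

In the sample, the bottom Received line names the owner's server, but the hop recorded by the bouncing server shows a different connecting IP, so the result is `forged-sender-backscatter`.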

Matt Probert

6:10 pm on Nov 2, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You have a firewall on your PC? If so, nothing should be able to use you as a relay. You're not using a weak CGI mailing script on your site are you?

Other than that, many spam email systems use collected addresses as fake "from" addresses when sending emails. If these emails bounce they are returned to the faked from address. It's a common problem. Just don't worry about it.

Matt

Webwork

9:51 pm on Nov 2, 2004 (gmt 0)

diamondgrl

4:09 pm on Nov 3, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I've just started getting probably more than 200 a day of such bounced emails in the last week so you're not alone. It's probably just a spammer or virus using your email address as the Reply To address. It's perfectly typical behavior of the many slimy spammers out there.

Slade

4:35 pm on Nov 3, 2004 (gmt 0)

10+ Year Member



I've had this happen on one domain several months ago, and now they've moved on to another of my domains. The interesting thing about that is first domain was a******.com and current one is u****.net.

The user portion of the emails I'm seeing the bounces for is mostly random characters or random names. I mean I'm the only user of one domain and there's one additional user of the second...

MrSpeed

6:02 pm on Nov 3, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Should I contact my host to let them know this is happening so I don't get accused of spamming?

One complaint from spamcop is all that it seems to take to get you booted off a host lately. I know this since one of my clients I did a site for had a legit, though not double opt-in mailing list. All it took was one or two people who forgot they signed up for the list to lodge a complaint and we were thrown off the host. Needless to say this client is now double opt-in with traceable records.

diamondgrl

6:59 pm on Nov 3, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I wouldn't think so. Spoofing addresses is such an everyday occurrence that every ISP knows exactly what's going on. That's assuming that your email server really hasn't been hijacked, in which case I would definitely worry.

universetoday

7:22 pm on Nov 3, 2004 (gmt 0)

10+ Year Member



If you've got a website, you might also want to check and see if you're running a script that might have gotten hijacked. Formmail from Matt's Script Archive is a classic target for hackers; older, unpatched versions of the software can be used as a crude email relay. And you'll get the bounces.

I had an old, unpatched version of that installed on a webserver that I had moved away from long ago. Some spider crawling IP addresses must have located it and put it into use.

raywood

2:24 pm on Nov 4, 2004 (gmt 0)

10+ Year Member



I think this is a virus that started about a year ago. You get a bounced message notification. It entices you to get worried and open the message. That's the way it propagates.

If you haven't been suckered into the scam yet, then you're ok. The messages are sent to you by infected computers. Nothing to do with any message you ever sent. They just compose messages to addresses that the virus finds either on the infected computer or from a list or somewhere.

I don't think there is any relationship to any real message like from somebody faking their from fields using your address or ip. It's just a fake message from an infected computer.

cabowabo

3:13 pm on Nov 4, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



We get spoofed all the time, and fortunately, before you get on a list, the trace is done. A list you don't want to get on is SPEWS. It took us a long time to get one of our clients off the list. They are just impossible to contact. Usually, if you have a good reputation online and a spam issue comes up, you are given the benefit of the doubt. That has been our experience anyway.

CaboWabo

Slade

7:04 pm on Nov 4, 2004 (gmt 0)

10+ Year Member



I put in a ticket with my host when the first domain was targeted. They thanked me for noting it with them in case something came up about it.