Suddenly this morning I started receiving “Undeliverable” messages from email servers all around the world, many of them complaining that I’m sending spam, or sending to expired email addresses. The messages were coming in at several per minute, flooding my inbox. In a half hour I had a few hundred.
One’s first thought when this happens might be that perhaps your own computer has been compromised with a trojan, and is sending out spam at a huge rate. But that’s almost never the case. Spammers do compromise innocent computers with trojans, and they do force them to send out spam, but they never use the correct return address.
When email was invented it was primarily for University and Defense Department inter-office communication. It was naively assumed that someone was who they really said they were, and so there were no safeguards against “spoofing”. The spammers and con-artists have taken advantage of this, and send out their messages with bogus return addresses. The return addresses are harvested from various sources; it’s very hard to keep your email address off these lists.
Typically they will use one return address for a day or so on one or a few computers, and then as the spam filters adjust they will move on to another. So I know that if I just sit tight this flood should be over by tomorrow.
But fortunately the compromised email address is one of my “throw-away” addresses that I don’t really need. I create these and use them in cases where the address is likely to be made public.
I disabled that address and like magic the emails stopped.
The computer/internet world is a jungle, with parasites and predators lurking everywhere. Compromised computers can be made to send out millions of spam messages at little or no cost, and if one in a million recipients fall for the scam it is worth it.
6 responses so far ↓
1 Heather // Oct 26, 2008 at 1:02 pm
That happened to us once and it stunk. We would have hundreds of returned emails in just a short time.
How do you create throw away addresses and what types of places do you use them?
Also, did you see (I sent an email) we picked up all the stuff we needed?
2 Robin // Oct 26, 2008 at 1:27 pm
Wow! I’ve never had that happen to me, and I hope it never does.
3 Don // Oct 26, 2008 at 1:30 pm
It happens to me more often than I would like. One day I got almost 1000 emails when I checked. Usually it’s only a few hundred but it’s annoying. As you say it eventually stops but when it first happens you really wonder what you did.
4 Daryl // Oct 27, 2008 at 7:15 am
Heather, if you log into Plesk on the server and go into email, you will see where you can add an alias. This is an address that will go to your normal inbox.
I use one with any company I register with. I have southwest@d….com for buying airline tickets, amazon@d….com, etc. Then I use crap@d…com for one-time uses with unknown companies. Surprisingly, that one still doesn’t get a lot of spam.
I should see you within a couple of days. I can show you how.
5 Donna // Oct 27, 2008 at 11:22 am
It happened to me once, on my main email address. I was able to retrain Spam Assassin on Plesk, and that coupled with the spammers moving on to new victims caused the flood to stop. Like you, Daryl, I use a lot of aliases to prevent vendors from selling and spamming my main email name.
6 Don // Oct 27, 2008 at 12:07 pm
I don’t use any alias and that’s probably why I get this happening once every couple of months. I’m afraid my email is out there in too many places to pull it back now.