Does my machine send spam???
Karl Auer
kauer at biplane.com.au
Mon Oct 17 07:02:36 UTC 2016
On Mon, 2016-10-17 at 08:21 +0200, Volker Wysk wrote:
> Has my machine been hijacked to send spam?? What can I do?
It is much more likely that your email address has been picked up
somehow (out of a mailing list, off a website, there are a dozen ways)
and is being used as the "From" address in someone else's spam. I wrote
an article about why a couple of years ago:
http://biplane.com.au/blog/?p=307
The received-by header in the spam suggest the spam was sent from
Vietnam. If a spammer was faking headers, it's an odd header to fake.
It also indicates that the spam was sent directly from an ADSL-
connected system, which would be unusual unless the system were a small
email server such as yours. The address concerned exists and is
pingable, but doesn't answer to TCP connections on any of the usual
mail server ports. Very unusual for a real email server; not at all
unusual for a compromised system being used to send spam. The mailer
apparently used to create the message was Outlook - not likely to be
running on a Linux system. As with all headers this may have been
faked, of course.
But all in all, I'd say that spam was probably not sent by you.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B
Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4
More information about the ubuntu-users
mailing list