Boston, MA

[E-Mail] Forged Reply-To: address leading to mail delivery failu

In recent days, I've received a flurry of Mail Delivery Failure notification e-mails. When I look (carefully!) at the headers involved, it looks as if someone is generating spam with my RCN e-mail address in the From: (name shown as "Ebay Dropshipping") and Reply-To: fields.

america.net is typically (perhaps always) involved in the e-mail injection or forwarding path, unless that information is being forged as well.

The To: field typically contains "users@optin.com", though it's pretty clear that banks of dictionary-generated e-mail addresses are being targeted. In one case where the e-mail content was reflected along with the headers, it looked as if it was enticing recipients to visit a fake FedEx URL.

I suspect that my e-mail address was dictionary-generated as well.

It's unclear that anything can be done, but I thought it couldn't hurt to post to the forum. If any of the RCN unofficial officials are interested in seeing a sample or two of the mail delivery failure notifications, please let me know where to forward them.

My encoded MAC is: d0ab322175fa14ba9d74edb7edeb88479fb44fd5



West Newton, MA

1 recommendation

Re: [E-Mail] Forged Reply-To: address leading to mail delivery f

I don't think you can prevent forging of your email address. You can report it though. Check this highly regarded source for more info on spam and email abuse, and they want your spam: www.knujon.com/

Gainesville, VA
reply to mtas

mtas - Gosh, I hate when that happens. It happened to me recently where all these emails about mystery shoppers looked like they were coming from my email address. It's probably not much consolation that this happens to other people too.

I asked our Webmail expert to look at your account and this is what he responded:

"Someone is forging his email address as the From: address through America.net email servers. We've seen them too.

He can filter the bounces with a filter in webmail. He can also reach out to America.net to get them to try to block the offending user, and see about filtering them on their side.

But at some point, there will be a different provider, and a different cablemodem sending forged spam. So a filter in his webmail is best."
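
Added example, not part of the thread or of any poster's reply: one way to separate bounces caused by forged mail from bounces of mail you really sent is to read the original headers embedded in the delivery status notification. It assumes your genuine outgoing mail carries a Message-ID domain listed in `MY_MSGID_DOMAINS` (a hypothetical placeholder, as are all hosts in the constructed sample); a forger can fake a Message-ID as well, so treat the result as a heuristic for filing bounces, not proof.

```python
import email
from email import policy

# Assumption: Message-ID domains stamped by the systems you really send from.
MY_MSGID_DOMAINS = {"mail.example.net"}

def embedded_original(bounce):
    """Return the headers of the message a DSN reports on, or None."""
    if (bounce.get_content_type() != "multipart/report"
            or bounce.get_param("report-type", "").lower() != "delivery-status"):
        return None
    for part in bounce.iter_parts():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":        # full original attached
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":   # headers-only copy
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify_bounce(raw):
    """Return 'genuine', 'backscatter' or 'not-a-dsn' for one raw message."""
    original = embedded_original(email.message_from_bytes(raw, policy=policy.default))
    if original is None:
        return "not-a-dsn"
    msgid = str(original.get("Message-ID", ""))
    domain = msgid.strip().strip("<>").rpartition("@")[2].lower()
    return "genuine" if domain in MY_MSGID_DOMAINS else "backscatter"

def sample_dsn(msgid):
    """Constructed bounce for the demo; all hosts and mailboxes are placeholders."""
    return (
        "From: MAILER-DAEMON@mx.recipient.example\n"
        "To: me@example.net\n"
        "Subject: Mail Delivery Failure\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nDelivery failed.\n"
        "--b1\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; mx.recipient.example\n\n"
        "Final-Recipient: rfc822; nobody@recipient.example\nAction: failed\nStatus: 5.1.1\n"
        "--b1\nContent-Type: text/rfc822-headers\n\n"
        'From: "Ebay Dropshipping" <me@example.net>\nReply-To: me@example.net\n'
        f"To: users@optin.com\nMessage-ID: {msgid}\n"
        "--b1--\n"
    ).encode()

if __name__ == "__main__":
    print(classify_bounce(sample_dsn("<1234@relay.unrelated.example>")))
    print(classify_bounce(sample_dsn("<5678@mail.example.net>")))
```

Bounces classified as backscatter can be filed into a separate folder instead of deleted, so a real delivery failure that is misclassified is still recoverable.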