Getting viruses in e-mails sent to me

  Red Devil 23:29 21 Nov 2005

All purporting to be from the same domain.

But it's a domain that I own. All the e-mails SAY they are from addresses like admin, webmaster, accounts, info, mail, service, administrator etc from this domain yet none of these e-mail addresses have been set up by me to be used so I know, if I hadn't worked it out already, that they are being spoofed to appear to be coming from my domain.

I started noticing this when Norton AV started reporting that it was finding viruses in e-mails being sent to me.

I then logged onto my domain's cpanel and checked my webmail and found a whole host of e-mails in my webmail being sent out to address after address after address supposedly from the accounts I mentioned earlier. Every one of them has a virus attached.

Is there any way to find out where they are ACTUALLY being sent from rather than where they purport to be from, i.e., my domain? I've checked the message source and - surprise, surprise - it all appears to be coming from my domain.

Or do I have to accept that there's nothing I can do and just wait for whoever is flooding me with these virus infected e-mails to get bored and move onto someone else?

It would be nice if I could do something but I fear there's little or nothing I can do to prevent this happening.

Luckily, no-one else but me uses this domain for mail purposes so at least I am the only one being affected.

  Skyver 23:34 21 Nov 2005

This will do an analysis of the header and might give some clues (depending on how cleverly the info has been spoofed) click here

  johnnyrocker 23:49 21 Nov 2005

Sounds like someone with your addy is infected and is spewing mail under any addy in the address book of the infected.


  Red Devil 23:53 21 Nov 2005

Well, if Sam Spade is correct, the e-mail is being sent to me via a company called Charter Communications.

Time to do some digging and see if that is ACTUALLY where the e-mails are coming from.

Anyway, cheers for the help.

  Red Devil 00:23 22 Nov 2005

If Sam Spade IS correct, all the virus infected e-mails are coming from someone using AT&T.

  Skyver 00:32 22 Nov 2005

I'm no expert on this kind of thing but I believe the IP address/header entries should be read from finish to start, i.e., the header information closest to the body of the email is the first to be added and gives the best clue (if any) to the source.
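The bottom-up reading of the Received chain discussed above, as an added example that is not part of the original thread: it lists the hops oldest-first and then picks the hop your own mail server recorded from outside, since any Received line below that one was supplied by the sender and can be forged. The sample message, host names and IP addresses are constructed (documentation ranges), and the regex assumes Postfix-style `from host (name [ip]) by host` lines.

```python
import re
from email import message_from_string

# Constructed sample, not taken from the thread. The bottom Received line is
# the kind of forged entry a sender can prepend to blame the victim's domain.
SAMPLE = """\
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby mail.example.org with ESMTP id A1; Mon, 21 Nov 2005 23:10:05 +0000
Received: from example.org (unknown [203.0.113.45])
\tby mx.example.org with SMTP id B2; Mon, 21 Nov 2005 23:10:02 +0000
Received: from mail.example.org (mail.example.org [192.0.2.10])
\tby example.org with SMTP id C3; Mon, 21 Nov 2005 22:00:00 +0000
From: admin@example.org
To: me@example.org
Subject: constructed sample

body
"""

# Assumed header layout: "from HELO (rdns [IP]) by RECEIVER ..."
HOP = re.compile(r"from\s+(\S+)\s+\([^\[\]]*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def hops(raw):
    """Received hops oldest-first, i.e. read from the bottom of the header up."""
    out = []
    for value in reversed(message_from_string(raw).get_all("Received") or []):
        m = HOP.search(value)
        if m:
            out.append({"helo": m.group(1), "ip": m.group(2), "by": m.group(3)})
    return out

def handoff(raw, trusted_ips):
    """Walk newest-first past hops fed by our own relays (trusted_ips).

    The first hop with any other source IP was written by our server when the
    outside host connected; everything older is unverifiable sender input.
    """
    for hop in reversed(hops(raw)):
        if hop["ip"] not in trusted_ips:
            return hop
    return None

if __name__ == "__main__":
    for h in hops(SAMPLE):
        print(h)
    print("outside host seen by our server:", handoff(SAMPLE, {"198.51.100.7"}))
```

The IP returned by `handoff` is the one worth looking up in WHOIS or reporting to the owning ISP's abuse contact; the HELO name beside it is whatever the connecting host chose to claim.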
