Automatic Messages being sent unkowingly / Bounce Back Email Error
I have a co worker who is having an odd problem. From what I can tell automatic emails are being sent out but I can't fathom from where. She is receiving bounce back error emails.
Does anyone have any experience with this?
Thank you,
Copy and Pasted message below.
"
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
[email protected] host fusesmtp2i.electric.net [10.86.0.47] SMTP error from remote mail server after RCPT TO:<[email protected]>: 550 Email Address was not found. Error 2. Host: fusesmtp2g
Reporting-MTA: dns; in3h.electric.net
Action: failed Final-Recipient: rfc822;[email protected] Status: 5.0.0 Remote-MTA: dns; fusesmtp2i.electric.net Diagnostic-Code: smtp; 550 Email Address was not found. Error 2. Host: fusesmtp2g
Return-path: <[email protected]>
Received: from 1hb6dJ-0000R3-4e by in3h.electric.net with hostroute:140326971 (Exim 4.92)
(envelope-from <[email protected]>)
id 1hb6dL-0000Z9-4f
for [email protected]; Wed, 12 Jun 2019 10:01:59 -0700
Received: by emcmailer; Wed, 12 Jun 2019 10:01:59 -0700
Received: from out2b.electric.net ([72.35.23.142] helo=smtp-out2.electric.net)
by in3h.electric.net with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.92)
(envelope-from <[email protected]>)
id 1hb6dJ-0000R3-4e
for [email protected]; Wed, 12 Jun 2019 10:01:57 -0700
Received: from 1hb6dI-00077M-VJ by out2b.electric.net with emc1-ok (Exim 4.92)
(envelope-from <[email protected]>)
id 1hb6dJ-00078P-T6
for [email protected]; Wed, 12 Jun 2019 10:01:57 -0700
Received: by emcmailer; Wed, 12 Jun 2019 10:01:57 -0700
Received: from [10.86.10.84] (helo=fuseout2d.electric.net)
by out2b.electric.net with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.90_1)
(envelope-from <[email protected]>)
id 1hb6dI-00077M-VJ
for [email protected]; Wed, 12 Jun 2019 10:01:56 -0700
Received: from mailanyone.net
by fuseout2d.electric.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
(MailAnyone extSMTP [email protected])
id 1hb6dG-0000qo-LG
for [email protected]; Wed, 12 Jun 2019 10:01:56 -0700
Content-Type: multipart/mixed; boundary="--_NmP-6a7a7c5352f3c2b7-Part_1"
From: [email protected]
To: [email protected]
In-Reply-To: <[email protected]>
Subject: Your payment # 76338-123 is timely accepted
Message-ID: <[email protected]>
Date: Wed, 12 Jun 2019 17:01:49 +0000
MIME-Version: 1.0
X-FM-Out: [127.0.0.1] / 157.130.5.118 / [email protected]
X-Outbound-IP: 10.86.10.84
X-Env-From: [email protected]
X-Proto: esmtps
X-Revdns: fuseout2d.electric.net
X-HELO: fuseout2d.electric.net
X-TLS: TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
X-Authenticated_ID:
X-PolicySMART: 1217211
X-Virus-Status: Scanned by VirusSMART (c)
X-FM-OS: Linux 2.2.x-3.x
X-FM-GeoIP: US
X-Proto: esmtps
X-Revdns: out2b.electric.net
X-HELO: smtp-out2.electric.net
X-TLS: TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
X-Authenticated_ID:
X-Origin-IP: 72.35.23.142
X-Env-From: [email protected]
X-DKIM:
X-PolicySMART: 1217205
X-SPAM-Status: NO, 0.0 / 5.0
X-SPAM-Summary: FSO_HAM=0.0
X-Virus-Status: Scanned by VirusSMART (c)
X-Exim-DSN-Information: Due to administrative limits only headers are returned
"
Chosen solution
My best guess is that this is backscatter from messages sent by spammers to arbitrary (and non-existing) recipients using your corporate email address as From: address.
http://en.wikipedia.org/wiki/Backscatter_(email)
There isn't much you can do about it other than filter those messages and have them automatically deleted. The good news is, this will stop after some time.
Read this answer in context 👍 0All Replies (2)
I've run every antivirus I could think of,
msconfig > turn off everything not needed.
Searched through task manager and found nothing suspicious running.
As well as ensured no ad-ons or extensions were enabled on her browser.
It's a Windows 7, has all the latest updates ect as well.
If you need anymore information please let me know.
Suluhisho teule
My best guess is that this is backscatter from messages sent by spammers to arbitrary (and non-existing) recipients using your corporate email address as From: address.
http://en.wikipedia.org/wiki/Backscatter_(email)
There isn't much you can do about it other than filter those messages and have them automatically deleted. The good news is, this will stop after some time.