Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Frustratedlady

(16,254 posts)
Wed Apr 15, 2020, 08:18 PM Apr 2020

Problem with supposedly bounced emails I've never sent.

I keep getting these Daemon messages about emails bouncing from addresses I've never heard of nor emailed. I know they are spam, but don't understand the purpose or how to get rid of them. Obviously, they are using my email addy. The following is what I get and I've found that if I wave the mouse over the addy, I get other addy's than Daemon. I don't open them nor click on a link. Can anyone explain what is going on?

--------------------------------------

Mail Delivery Subsystem (mailer-daemon@googlemail.com)

Message not delivered
There was a problem delivering your message to welcome@z430.loxsir.info. See the technical details below.
LEARN MORE

LEARN MORE
The response was:
Your email to group welcome@z430.loxsir.info was rejected due to spam classification. The owner of the group can choose to enable message moderation instead of bouncing these emails. More information can be found here: https://support.google.com/a/answer/168383.

20 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Problem with supposedly bounced emails I've never sent. (Original Post) Frustratedlady Apr 2020 OP
Email is trivially forged CloudWatcher Apr 2020 #1
What is the purpose? I don't understand why they would do this if no $$s were involved. I hope!!! Frustratedlady Apr 2020 #5
Spam filters CloudWatcher Apr 2020 #13
Yes, I get those calls every day. Frustratedlady Apr 2020 #15
National Do Not Call Registry CloudWatcher Apr 2020 #17
That works for a short time, then we're back to calls again. Frustratedlady Apr 2020 #19
You could have picked up canetoad Apr 2020 #2
Yes, I have run a malware scan with nothing found. Frustratedlady Apr 2020 #6
Another possibility canetoad Apr 2020 #9
Hmmm! This is the first time I've run into this problem. Frustratedlady Apr 2020 #10
Check the 'To' address CloudWatcher Apr 2020 #14
No, they are using my address. Frustratedlady Apr 2020 #16
The original To field CloudWatcher Apr 2020 #18
Yes. The example I posted was... Frustratedlady Apr 2020 #20
Perhaps someone has spoofed your email address as origination of their spam operation. cayugafalls Apr 2020 #3
I haven't opened any until tonight when curiosity killed the cat. Frustratedlady Apr 2020 #7
See if changing your password to your email account helps. PoindexterOglethorpe Apr 2020 #4
I will do so. Thanks! Frustratedlady Apr 2020 #8
It's a classic trick. If you respond in any way, they know a live human is on the other end. Bernardo de La Paz Apr 2020 #11
I have not responded to any of them, nor have I opened any except a couple Daemons. Frustratedlady Apr 2020 #12

CloudWatcher

(1,922 posts)
1. Email is trivially forged
Wed Apr 15, 2020, 08:29 PM
Apr 2020

Some email spammer is sending out emails using your email address in the "From" field. When it (appropriately) bounces, the email system delivers it back to you.

Email is entirely trivial to forge. Never trust it. It's been this way since the dawn of the Arpanet/Internet. I remember demo'ing this to my boss in 1980 ... forging an email to him, from his boss, accepting his resignation.

The problem is that email was designed back when the Arpanet/Internet was an experiment of trusted sites and people. The original designers of email never imagined the Internet of today with rampant fraud and spoofing.

Frustratedlady

(16,254 posts)
5. What is the purpose? I don't understand why they would do this if no $$s were involved. I hope!!!
Wed Apr 15, 2020, 08:35 PM
Apr 2020

Thanks for your explanation.

CloudWatcher

(1,922 posts)
13. Spam filters
Wed Apr 15, 2020, 10:55 PM
Apr 2020

It's useful to send out spam with an actual email addresses in the From field. E.g. if they use their own address, they would get quickly added to block lists.

They're (most likely) not attacking you, it's just a way to try and get their spam delivered instead of rejected.

Unfortunately, there's not a lot for you to do to do other than just delete the junk from the various mail servers that reject the spam.

After a few days they'll get tired of faking email from you and move on to a different address.

I've had it happen to me more than once. After a little while the reject emails disappear.

I've also had it happen to me with phone calls! Spammers will fake Caller ID and make it look like I am the caller. I've gotten a couple of confused calls from people that claim that I had just called them. I had to explain that Caller ID is not secure and that some crook had just faked my phone number to try and get them to answer ... since people are much more likely to "pick up" if caller id shows a number close to theirs (same area code, same prefix).

Frustratedlady

(16,254 posts)
15. Yes, I get those calls every day.
Wed Apr 15, 2020, 11:02 PM
Apr 2020

One I get changes the last 4 digits each day, but I get at least one call from the same area code. So, I looked it up and got a page of names/numbers with the first 6 digits. I could NOT believe the names listed. It was like being in a foreign country, even though the town was in my state. The call was for automobile maintenance contracts.

As for these #$%%^ emails, I've done everything I can for now and will watch to see if it helped.

Thanks, much.

CloudWatcher

(1,922 posts)
17. National Do Not Call Registry
Wed Apr 15, 2020, 11:13 PM
Apr 2020

I *think* putting your phone number on this list helps a bit.

https://www.ftc.gov/faq/consumer-protection/list-number-national-do-not-call-registry

In any event, it at least gives you the ability (if you want to) to talk to the human on the junk calls and tell them that their call is not just annoying, but actually illegal!

Sadly, it doesn't ban political fund raising calls

What really helps reduce the number of junk calls is to let all your calls go through to voicemail and only "pick up" if you recognize the voice of the caller. After a while your number gets tagged as "doesn't answer" and the volume of junk calls goes down.

Though I have to admit, I really enjoy the spammers that call trying to tell me my computer is infected. They're almost always following a script that assumes you have a Windows machine (I have a lot of Macs) and assume that you have only one computer (I've got, um, several). I try and get them to tell me the internet address of the machine they believe is infected and they get really confused. Sadly, they've stopped calling too

Frustratedlady

(16,254 posts)
19. That works for a short time, then we're back to calls again.
Wed Apr 15, 2020, 11:21 PM
Apr 2020

My phone set has 5 stations and I haven't been able to clear the message box. The rings stop after 3 and, of course, they can't leave a message. So, eventually, they stop. I blocked a lot of callers, but ran out of room on that option, too.

One of these days, I'll work at getting those options fixed...

canetoad

(18,073 posts)
9. Another possibility
Wed Apr 15, 2020, 08:48 PM
Apr 2020

Is that someone, who has your email addy in their address book has a mailer worm.

How these things work is they install themselves through an infected attachement, setting up their own SMTP engine. Then they trawl the infected computer for email addresses and wham! Away they go.

I was once able to identify an worm on an acquaintances computer; this particular worm searched for email address and also copied random chunks of text from the user's files and pasted them in the body of the emails it sent. Luckily I recognised some of the text and from whom it was copied.

If this is the case, just keep deleting them and hope that the infected computer's owner eventually figures it out.

Frustratedlady

(16,254 posts)
10. Hmmm! This is the first time I've run into this problem.
Wed Apr 15, 2020, 08:59 PM
Apr 2020

I will ask a couple people I email every day if they have noticed the same problem. Thanks.

Too bad these characters can't find something more productive to occupy their time.

CloudWatcher

(1,922 posts)
14. Check the 'To' address
Wed Apr 15, 2020, 10:58 PM
Apr 2020

If the original recipient is someone in your email address, then it's likely that your contact/address book has been compromised ... possibly by malware on your machine, but also possibly by a Facebook (or other) breach.

But ... if the To field (the original recipient of the spam email) is not an address that you recognize, then it's much more likely that the spammers are just faking your address as the sender and your machine (and your address book / contact list) has not been breached.

Frustratedlady

(16,254 posts)
16. No, they are using my address.
Wed Apr 15, 2020, 11:08 PM
Apr 2020

The Daemons I've opened have a link, but they don't make much sense...nothing recognizable. I don't click on the links and haven't opened the emails for credit scores that started the whole thing. I assumed those were trying to get my cc#s.

They are a headache, for sure. Thanks!

CloudWatcher

(1,922 posts)
18. The original To field
Wed Apr 15, 2020, 11:17 PM
Apr 2020

I mean the address that the daemon was attempting to deliver to .. not yours. It should tell you that it failed trying to deliver to "foobar@somehost" and that it was rejected as likely spam. If that address is one you know, then it's possible your contact list was breached. But more often, it's some random address you've never heard of and it's just all forged.

Yeah, I feel sorta responsible for the email headaches of today. I was around in the very early days of the Arpanet and noticed that email wasn't secure back then. But .. those were also the days before public-key-encryption had appeared so real distributed security (that we need here) was a bit of a pipe dream.

Now it's time for email to be killed off and be replaced with something secure.

Frustratedlady

(16,254 posts)
20. Yes. The example I posted was...
Wed Apr 15, 2020, 11:25 PM
Apr 2020

There was a problem delivering your message to welcome@z430.loxsir.info.

I have no idea who that is.

cayugafalls

(5,747 posts)
3. Perhaps someone has spoofed your email address as origination of their spam operation.
Wed Apr 15, 2020, 08:32 PM
Apr 2020

How many are you getting? Are they all different responses?

Frustratedlady

(16,254 posts)
7. I haven't opened any until tonight when curiosity killed the cat.
Wed Apr 15, 2020, 08:42 PM
Apr 2020

Being from Google, I thought it would be safe enough.

Yes, they are to different addresses. At first, they were to credit numbers...how good/bad my credit numbers were. I never opened any of those, but did check their addy by waving the mouse over it. They were mostly men's names that I'd never heard of. Then, I started getting the Daemon emails. I opened the first few and even notified my daughter to see if she had received an email from me. She had. Then, I started watching more closely and saw in the preview on my email page that it referred to an addy I'd never used. This has been going on for several weeks.

Thanks for your reply.

Bernardo de La Paz

(50,824 posts)
11. It's a classic trick. If you respond in any way, they know a live human is on the other end.
Wed Apr 15, 2020, 09:05 PM
Apr 2020

Respond and you will be bombarded with frauds and scams and phishing schemes.

Frustratedlady

(16,254 posts)
12. I have not responded to any of them, nor have I opened any except a couple Daemons.
Wed Apr 15, 2020, 09:11 PM
Apr 2020

I didn't even click on their link.

I just changed my password. We'll see if that works. I am now going to run Malwarebytes again.

Thanks for your suggestion.

Latest Discussions»Help & Search»Computer Help and Support»Problem with supposedly b...