Mail Delivery System emails???

Discussion in 'Windows Live Mail' started by Walter Goldschmidt, Oct 26, 2010.

  1. Keep getting these emails, about 20 to 30 a day. They say From:Mail Delivery
    System. Subject:Mail Delivery Failure. Then below I have pasted what they
    say. The also have an attached file which I scanned for a virus and found
    none. The attached file is called ATT00069.dat I've attached that file
    but I don't know if it will come through or not. Appreciate any help on
    this.


    Walt

    This message was created automatically by the mail system (ecelerity).

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    >>> (after RCPT TO): 550 Requested action not taken:
    >>> mailbox unavailable




    --------------------------------------------------------------------------------


    ------ This is a copy of the original message, including all headers. ------

    Return-Path: <>
    Authentication-Results: cdptpa-omtalb.mail.rr.com
    smtp.user=; auth=pass (PLAIN)
    X-Authority-Analysis: v=1.1 cv=Inhw+Jdt7z1D3BivGPfn2aw54OvUEJw5lAn/booRZkE=
    c=1 sm=0 a=8YLJaDplg2QA:10 a=IkcTkHD0fZMA:10 a=U6zP4io0eyXriI5kRbCzZQ==:17
    a=d7R94OsRAAAA:20 a=gjV1xc0t9rE_m_cTh2YA:9 a=Z8v8luvMMntYOCPAby4A:7
    a=dGo9NWTa6S_Fgz_JYQY6Zxa1k0oA:4 a=QEXdDO2ut3YA:10 a=F0BH2fg0mm0A:10
    a=U6zP4io0eyXriI5kRbCzZQ==:117
    X-Cloudmark-Score: 0
    X-Originating-IP: 190.41.121.100
    Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    (ecelerity 2.2.3.46 r()) with ESMTPA
    id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    Message-ID: <>
    Date: Tue, 26 Oct 2010 14:04:49 -0500
    From: Devin Rheome <>
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.2.7)
    Gecko/20100713 Thunderbird/3.1.1
    MIME-Version: 1.0
    To: "Webber00799" <>
    Subject: D'o you id;entify m'e o:n that picture?
    Content-Type: text/html; charset=UTF-8
    Content-Transfer-Encoding: 7bit

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    <title>D'o you id;entify m'e o:n that picture?</title>
    </head>
    <body bgcolor="#ffffff" text="#000000">
    <a href="http://LNK.by/edq3P">http://LNK.by/edq3P</a>
    Name was dark eyes and called<br>
    Help thinking as much better. Whether he sat down beside the matter<br>
    Rejoined kate gently at length in short<br>
    <br>
    </body>
    </html>
    Walter Goldschmidt, Oct 26, 2010
    #1
    1. Advertising

  2. Walter Goldschmidt

    Magnus Guest

    This is porn spam. It bounced because the email address is bad, or the
    receiving account is over capacity, or that MSN rejected the email as spam.
    Like a fool I checked the link.

    It appears to be using your smtp server and account password (I'm not 100%
    sure of this)
    Are you sending these intentionally? (I doubt)
    Do these messages also appear in your Sent folder? (big trouble)
    Is the "to" email in your address book? (probably not)

    >>>>Please expunge your email info when posting<<<<<


    This is how the spammers get your address.

    Download malwarebytes antimalware and superantispyware. Install, and update
    their signature files. Do a FULL scan of your system one at a time. Clean,
    reboot to safe mode, and scan again.

    It would be prudent to change your email password with road runner.

    "Walter Goldschmidt" <@woh.rr.com> wrote in message
    news:ia79it$m9j$-september.org...
    > Keep getting these emails, about 20 to 30 a day. They say From:Mail
    > Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that
    > file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.
    >
    >
    > Walt
    >
    > This message was created automatically by the mail system (ecelerity).
    >
    > A message that you sent could not be delivered to one or more of its
    > recipients. This is a permanent error. The following address(es) failed:
    >
    >>>> (after RCPT TO): 550 Requested action not taken:
    >>>> mailbox unavailable

    >
    >
    >
    > --------------------------------------------------------------------------------
    >
    >
    > ------ This is a copy of the original message, including all
    > headers. ------
    >
    > Return-Path: <>
    > Authentication-Results: cdptpa-omtalb.mail.rr.com
    > smtp.user=; auth=pass (PLAIN)
    > X-Authority-Analysis: v=1.1
    > cv=Inhw+Jdt7z1D3BivGPfn2aw54OvUEJw5lAn/booRZkE=
    > c=1 sm=0 a=8YLJaDplg2QA:10 a=IkcTkHD0fZMA:10 a=U6zP4io0eyXriI5kRbCzZQ==:17
    > a=d7R94OsRAAAA:20 a=gjV1xc0t9rE_m_cTh2YA:9 a=Z8v8luvMMntYOCPAby4A:7
    > a=dGo9NWTa6S_Fgz_JYQY6Zxa1k0oA:4 a=QEXdDO2ut3YA:10 a=F0BH2fg0mm0A:10
    > a=U6zP4io0eyXriI5kRbCzZQ==:117
    > X-Cloudmark-Score: 0
    > X-Originating-IP: 190.41.121.100
    > Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    > by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    > (ecelerity 2.2.3.46 r()) with ESMTPA
    > id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    > Message-ID: <>
    > Date: Tue, 26 Oct 2010 14:04:49 -0500
    > From: Devin Rheome <>
    > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.2.7)
    > Gecko/20100713 Thunderbird/3.1.1
    > MIME-Version: 1.0
    > To: "Webber00799" <>
    > Subject: D'o you id;entify m'e o:n that picture?
    > Content-Type: text/html; charset=UTF-8
    > Content-Transfer-Encoding: 7bit
    >
    > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    > <html>
    > <head>
    >
    > <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    > <title>D'o you id;entify m'e o:n that picture?</title>
    > </head>
    > <body bgcolor="#ffffff" text="#000000">
    > <a href="http://LNK.by/XXXXX">http://LNK.by/XXXXX</a>
    > Name was dark eyes and called<br>
    > Help thinking as much better. Whether he sat down beside the matter<br>
    > Rejoined kate gently at length in short<br>
    > <br>
    > </body>
    > </html>
    >
    Magnus, Oct 26, 2010
    #2
    1. Advertising

  3. No to all your questions. I haven't sent a single email to any of these,
    they aren't in my address book. Also not in my sent folder. I'll change my
    password. I've got Kaspersky Internet Security on my computer and I've gone
    to Kaspersky's web site and downloaded a virus removal tool called
    VirutKiller and ran it after disabling System Restore but it didn't find
    anything. Also the email address I have listed is not my true address. I'll
    also try those 2 programs you mentioned and change my password then I'll let
    you know what I find out. Thanks.

    Walt

    "Magnus" wrote in message news:3cHxo.189$...

    This is porn spam. It bounced because the email address is bad, or the
    receiving account is over capacity, or that MSN rejected the email as spam.
    Like a fool I checked the link.

    It appears to be using your smtp server and account password (I'm not 100%
    sure of this)
    Are you sending these intentionally? (I doubt)
    Do these messages also appear in your Sent folder? (big trouble)
    Is the "to" email in your address book? (probably not)

    >>>>Please expunge your email info when posting<<<<<


    This is how the spammers get your address.

    Download malwarebytes antimalware and superantispyware. Install, and update
    their signature files. Do a FULL scan of your system one at a time. Clean,
    reboot to safe mode, and scan again.

    It would be prudent to change your email password with road runner.

    "Walter Goldschmidt" <@woh.rr.com> wrote in message
    news:ia79it$m9j$-september.org...
    > Keep getting these emails, about 20 to 30 a day. They say From:Mail
    > Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that
    > file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.
    >
    >
    > Walt
    >
    > This message was created automatically by the mail system (ecelerity).
    >
    > A message that you sent could not be delivered to one or more of its
    > recipients. This is a permanent error. The following address(es) failed:
    >
    >>>> (after RCPT TO): 550 Requested action not taken:
    >>>> mailbox unavailable

    >
    >
    >
    > --------------------------------------------------------------------------------
    >
    >
    > ------ This is a copy of the original message, including all
    > headers. ------
    >
    > Return-Path: <>
    > Authentication-Results: cdptpa-omtalb.mail.rr.com
    > smtp.user=; auth=pass (PLAIN)
    > X-Authority-Analysis: v=1.1
    > cv=Inhw+Jdt7z1D3BivGPfn2aw54OvUEJw5lAn/booRZkE=
    > c=1 sm=0 a=8YLJaDplg2QA:10 a=IkcTkHD0fZMA:10 a=U6zP4io0eyXriI5kRbCzZQ==:17
    > a=d7R94OsRAAAA:20 a=gjV1xc0t9rE_m_cTh2YA:9 a=Z8v8luvMMntYOCPAby4A:7
    > a=dGo9NWTa6S_Fgz_JYQY6Zxa1k0oA:4 a=QEXdDO2ut3YA:10 a=F0BH2fg0mm0A:10
    > a=U6zP4io0eyXriI5kRbCzZQ==:117
    > X-Cloudmark-Score: 0
    > X-Originating-IP: 190.41.121.100
    > Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    > by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    > (ecelerity 2.2.3.46 r()) with ESMTPA
    > id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    > Message-ID: <>
    > Date: Tue, 26 Oct 2010 14:04:49 -0500
    > From: Devin Rheome <>
    > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.2.7)
    > Gecko/20100713 Thunderbird/3.1.1
    > MIME-Version: 1.0
    > To: "Webber00799" <>
    > Subject: D'o you id;entify m'e o:n that picture?
    > Content-Type: text/html; charset=UTF-8
    > Content-Transfer-Encoding: 7bit
    >
    > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    > <html>
    > <head>
    >
    > <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    > <title>D'o you id;entify m'e o:n that picture?</title>
    > </head>
    > <body bgcolor="#ffffff" text="#000000">
    > <a href="http://LNK.by/XXXXX">http://LNK.by/XXXXX</a>
    > Name was dark eyes and called<br>
    > Help thinking as much better. Whether he sat down beside the matter<br>
    > Rejoined kate gently at length in short<br>
    > <br>
    > </body>
    > </html>
    >
    Walter Goldschmidt, Oct 27, 2010
    #3
  4. Walter Goldschmidt

    Magnus Guest

    It's possible that your email address has been harvested and is forged as
    the from source on a spam system completely apart from you and your account.
    To be sure, check your webmail interface sent folder. If you see nothing
    unusual here, you're just a victim of a virulent spamming jerk. If that's
    the case, changing your password will have no effect and you'll continue to
    receive the bouncing emails until the spammer swaps your email address for
    another.

    At Earthlink I'd get these maybe a few times a month, and figure they were
    random. But at your level, I'd want to check that nothing has been
    compromised.


    "Walter Goldschmidt" <> wrote in message
    news:ia7mth$dq5$-september.org...
    > No to all your questions. I haven't sent a single email to any of these,
    > they aren't in my address book. Also not in my sent folder. I'll change my
    > password. I've got Kaspersky Internet Security on my computer and I've
    > gone to Kaspersky's web site and downloaded a virus removal tool called
    > VirutKiller and ran it after disabling System Restore but it didn't find
    > anything. Also the email address I have listed is not my true address.
    > I'll also try those 2 programs you mentioned and change my password then
    > I'll let you know what I find out. Thanks.
    >
    > Walt
    >
    > "Magnus" wrote in message news:3cHxo.189$...
    >
    > This is porn spam. It bounced because the email address is bad, or the
    > receiving account is over capacity, or that MSN rejected the email as
    > spam.
    > Like a fool I checked the link.
    >
    > It appears to be using your smtp server and account password (I'm not 100%
    > sure of this)
    > Are you sending these intentionally? (I doubt)
    > Do these messages also appear in your Sent folder? (big trouble)
    > Is the "to" email in your address book? (probably not)
    >
    >>>>>Please expunge your email info when posting<<<<<

    >
    > This is how the spammers get your address.
    >
    > Download malwarebytes antimalware and superantispyware. Install, and
    > update
    > their signature files. Do a FULL scan of your system one at a time. Clean,
    > reboot to safe mode, and scan again.
    >
    > It would be prudent to change your email password with road runner.
    >
    > "Walter Goldschmidt" <@woh.rr.com> wrote in message
    > news:ia79it$m9j$-september.org...
    >> Keep getting these emails, about 20 to 30 a day. They say From:Mail
    >> Delivery
    >> System. Subject:Mail Delivery Failure. Then below I have pasted what they
    >> say. The also have an attached file which I scanned for a virus and found
    >> none. The attached file is called ATT00069.dat I've attached that
    >> file
    >> but I don't know if it will come through or not. Appreciate any help on
    >> this.
    >>
    >>
    >> Walt
    >>
    >> This message was created automatically by the mail system (ecelerity).
    >>
    >> A message that you sent could not be delivered to one or more of its
    >> recipients. This is a permanent error. The following address(es) failed:
    >>
    >>>>> (after RCPT TO): 550 Requested action not taken:
    >>>>> mailbox unavailable

    >>
    >>
    >>
    >> --------------------------------------------------------------------------------
    >>
    >>
    >> ------ This is a copy of the original message, including all
    >> headers. ------
    >>
    >> Return-Path: <>
    >> Authentication-Results: cdptpa-omtalb.mail.rr.com
    >> smtp.user=; auth=pass (PLAIN)
    >> X-Authority-Analysis: v=1.1
    >> cv=Inhw+Jdt7z1D3BivGPfn2aw54OvUEJw5lAn/booRZkE=
    >> c=1 sm=0 a=8YLJaDplg2QA:10 a=IkcTkHD0fZMA:10
    >> a=U6zP4io0eyXriI5kRbCzZQ==:17
    >> a=d7R94OsRAAAA:20 a=gjV1xc0t9rE_m_cTh2YA:9 a=Z8v8luvMMntYOCPAby4A:7
    >> a=dGo9NWTa6S_Fgz_JYQY6Zxa1k0oA:4 a=QEXdDO2ut3YA:10 a=F0BH2fg0mm0A:10
    >> a=U6zP4io0eyXriI5kRbCzZQ==:117
    >> X-Cloudmark-Score: 0
    >> X-Originating-IP: 190.41.121.100
    >> Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    >> by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    >> (ecelerity 2.2.3.46 r()) with ESMTPA
    >> id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    >> Message-ID: <>
    >> Date: Tue, 26 Oct 2010 14:04:49 -0500
    >> From: Devin Rheome <>
    >> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.2.7)
    >> Gecko/20100713 Thunderbird/3.1.1
    >> MIME-Version: 1.0
    >> To: "Webber00799" <>
    >> Subject: D'o you id;entify m'e o:n that picture?
    >> Content-Type: text/html; charset=UTF-8
    >> Content-Transfer-Encoding: 7bit
    >>
    >> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    >> <html>
    >> <head>
    >>
    >> <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    >> <title>D'o you id;entify m'e o:n that picture?</title>
    >> </head>
    >> <body bgcolor="#ffffff" text="#000000">
    >> <a href="http://LNK.by/XXXXX">http://LNK.by/XXXXX</a>
    >> Name was dark eyes and called<br>
    >> Help thinking as much better. Whether he sat down beside the
    >> matter<br>
    >> Rejoined kate gently at length in short<br>
    >> <br>
    >> </body>
    >> </html>
    >>
    Magnus, Oct 27, 2010
    #4
  5. Walter Goldschmidt

    N. Miller Guest

    On Tue, 26 Oct 2010 15:18:51 -0400, Walter Goldschmidt wrote:

    > Keep getting these emails, about 20 to 30 a day. They say From:Mail Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.


    The attachment is failing to open in my client. The following header line
    from your posted "original message" is interesting:

    | Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    | by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    | (ecelerity 2.2.3.46 r()) with ESMTPA
    | id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000

    This is saying that a Road Runner mail server (operated by RR for their
    customers) got the email from a host on the 'Telefonica del Peru' network;
    probably an ISP customer because there is no rDNS on the IP address (typical
    of dynamic hosts in Latin America (LACNIC) and Asia (APNIC).

    The problem, that I can see, is that the Hotmail address of the recipient is
    no good, or the mailbox is full (unlikely, I think, because Hotmail
    mailboxes are pretty large). And this appears to be a Road Runner message
    submission server, which is relaying from Peru. So the spammer appears to be
    using your email account credentials (Username+Password) to induce the Road
    Runner message submission servers to send this spam as you. This will not be
    the first time that an ISP account has been compromised by spammers in order
    to evade port 25 blocks.

    It is unlikely that your computer is compromised. More likely just your Road
    Runner email account has been compromised. When you change your account
    password, consider using a password at least sixteen characters in length,
    and a random mix of upper and lower case alpha characters, numerals, and at
    least one "special character" (pound sign (#), caret (^), or whatever, if RR
    allows.

    This sort of compromise it the target of "phishing" attempts, where an ISP
    email account holder is told that the ESP is revamping their email system,
    and the user must validate their account by sending the account
    Username+Password, or lose that account. I've seen Hotmail and AT&T email
    account users asking if such a request is a valid request from those
    respective services. I am sure that Road Runner users are not exempt from
    such phishing attempts.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    N. Miller, Oct 27, 2010
    #5
  6. OK, I changed my Road Runner email password. I ran a virus scan with both
    malwarebytes antimalware & superantispyware in both regular mode and safe
    mode. I found 59 adware's using superantispyware in regular mode and none
    when I ran it in safe mode. After running malwarebytes I found 1 malware in
    regular mode and none in safe mode. That was on my laptop. On my desktop I
    found a lot more with superantispyware in regular mode and a lot less in
    safe mode. Also same with malwarebytes. I don't know if 2 computers on same
    link can effect each other or not. The laptop has a wireless connection and
    the desk top a hard wired. The laptop is used 95% of the time. I do very
    little porn searching but hey I'm a man and occasionally I do catch myself
    checking the women out. I also do a little movie & music downloading using
    BitTorrent. Since the changes last night I haven't received any of those
    emails so far today. Give me another day and I'll let you know if I get
    anymore. I may have a few questions for you guys too since you seem to be
    knowledgeable on this. Thanks.

    Walt

    "N. Miller" wrote in message news:pqmltcx23d7l$...

    On Tue, 26 Oct 2010 15:18:51 -0400, Walter Goldschmidt wrote:

    > Keep getting these emails, about 20 to 30 a day. They say From:Mail
    > Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that
    > file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.


    The attachment is failing to open in my client. The following header line
    from your posted "original message" is interesting:

    | Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    | by cdptpa-oedge04.mail.rr.com (envelope-from
    <>)
    | (ecelerity 2.2.3.46 r()) with ESMTPA
    | id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000

    This is saying that a Road Runner mail server (operated by RR for their
    customers) got the email from a host on the 'Telefonica del Peru' network;
    probably an ISP customer because there is no rDNS on the IP address (typical
    of dynamic hosts in Latin America (LACNIC) and Asia (APNIC).

    The problem, that I can see, is that the Hotmail address of the recipient is
    no good, or the mailbox is full (unlikely, I think, because Hotmail
    mailboxes are pretty large). And this appears to be a Road Runner message
    submission server, which is relaying from Peru. So the spammer appears to be
    using your email account credentials (Username+Password) to induce the Road
    Runner message submission servers to send this spam as you. This will not be
    the first time that an ISP account has been compromised by spammers in order
    to evade port 25 blocks.

    It is unlikely that your computer is compromised. More likely just your Road
    Runner email account has been compromised. When you change your account
    password, consider using a password at least sixteen characters in length,
    and a random mix of upper and lower case alpha characters, numerals, and at
    least one "special character" (pound sign (#), caret (^), or whatever, if RR
    allows.

    This sort of compromise it the target of "phishing" attempts, where an ISP
    email account holder is told that the ESP is revamping their email system,
    and the user must validate their account by sending the account
    Username+Password, or lose that account. I've seen Hotmail and AT&T email
    account users asking if such a request is a valid request from those
    respective services. I am sure that Road Runner users are not exempt from
    such phishing attempts.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 27, 2010
    #6
  7. Also the attached file is a dat file, can you even open them types (dat)?

    Walt

    "Walter Goldschmidt" wrote in message
    news:ia96cq$i4r$-september.org...

    OK, I changed my Road Runner email password. I ran a virus scan with both
    malwarebytes antimalware & superantispyware in both regular mode and safe
    mode. I found 59 adware's using superantispyware in regular mode and none
    when I ran it in safe mode. After running malwarebytes I found 1 malware in
    regular mode and none in safe mode. That was on my laptop. On my desktop I
    found a lot more with superantispyware in regular mode and a lot less in
    safe mode. Also same with malwarebytes. I don't know if 2 computers on same
    link can effect each other or not. The laptop has a wireless connection and
    the desk top a hard wired. The laptop is used 95% of the time. I do very
    little porn searching but hey I'm a man and occasionally I do catch myself
    checking the women out. I also do a little movie & music downloading using
    BitTorrent. Since the changes last night I haven't received any of those
    emails so far today. Give me another day and I'll let you know if I get
    anymore. I may have a few questions for you guys too since you seem to be
    knowledgeable on this. Thanks.

    Walt

    "N. Miller" wrote in message news:pqmltcx23d7l$...

    On Tue, 26 Oct 2010 15:18:51 -0400, Walter Goldschmidt wrote:

    > Keep getting these emails, about 20 to 30 a day. They say From:Mail
    > Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that
    > file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.


    The attachment is failing to open in my client. The following header line
    from your posted "original message" is interesting:

    | Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    | by cdptpa-oedge04.mail.rr.com (envelope-from
    <>)
    | (ecelerity 2.2.3.46 r()) with ESMTPA
    | id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000

    This is saying that a Road Runner mail server (operated by RR for their
    customers) got the email from a host on the 'Telefonica del Peru' network;
    probably an ISP customer because there is no rDNS on the IP address (typical
    of dynamic hosts in Latin America (LACNIC) and Asia (APNIC).

    The problem, that I can see, is that the Hotmail address of the recipient is
    no good, or the mailbox is full (unlikely, I think, because Hotmail
    mailboxes are pretty large). And this appears to be a Road Runner message
    submission server, which is relaying from Peru. So the spammer appears to be
    using your email account credentials (Username+Password) to induce the Road
    Runner message submission servers to send this spam as you. This will not be
    the first time that an ISP account has been compromised by spammers in order
    to evade port 25 blocks.

    It is unlikely that your computer is compromised. More likely just your Road
    Runner email account has been compromised. When you change your account
    password, consider using a password at least sixteen characters in length,
    and a random mix of upper and lower case alpha characters, numerals, and at
    least one "special character" (pound sign (#), caret (^), or whatever, if RR
    allows.

    This sort of compromise it the target of "phishing" attempts, where an ISP
    email account holder is told that the ESP is revamping their email system,
    and the user must validate their account by sending the account
    Username+Password, or lose that account. I've seen Hotmail and AT&T email
    account users asking if such a request is a valid request from those
    respective services. I am sure that Road Runner users are not exempt from
    such phishing attempts.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 27, 2010
    #7
  8. Walter Goldschmidt

    Ildhund Guest

    > Also the attached file is a dat file, can you even open them types (dat)?

    It's only a text file:
    ================
    Arrival-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Reporting-MTA: dns; cdptpa-oedge04.mail.rr.com

    Last-Attempt-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Final-Recipient: rfc822;
    Action: failed
    Remote-MTA: dns; mx4.hotmail.com
    Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable
    Status: 5.0.0
    ==================
    --
    Noel
    Ildhund, Oct 27, 2010
    #8
  9. Walter Goldschmidt

    N. Miller Guest

    On Wed, 27 Oct 2010 15:24:12 -0400, Walter Goldschmidt wrote:

    > Also the attached file is a dat file, can you even open them types (dat)?


    My client throws an exception error when it tries. Probably doesn't have a
    specified handler for the .dat extension. It is a problem on my end, and one
    I don't normally encounter, so I don't really feel like trying to find a
    solution.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    N. Miller, Oct 28, 2010
    #9
  10. I've only received 1 more of these emails in the last 36 hours which is an
    improvement. This one had 2 attached files. One is pasted below. Also the
    original dat file I included in my original posting is included below. Maybe
    I fixed the problem but I don't know if it's because I changed my Road
    Runner password or because of the virus scan. I'll post again every day for
    next few days to let you know if I get anymore. Thanks.

    Walt

    This is what the attachment I hac_ked in;to Cla;s said.

    I hac*ked int;o Cla;ssmates. Do yo;u see your girlfriend pictures h_ere?
    Neil Rolison
    To: Waerhg<>;

    http://spedr.com/4xyr2 Frank is none but also
    Wait and say where is gone. Surely not yet for god help
    Mr brass plate and looked out that

    This is what attached dat file said.

    al-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Reporting-MTA: dns; cdptpa-oedge04.mail.rr.com

    Last-Attempt-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Final-Recipient: rfc822;
    Action: failed
    Remote-MTA: dns; mx4.hotmail.com
    Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable
    Status: 5.0.0

    "N. Miller" wrote in message news:...

    On Wed, 27 Oct 2010 15:24:12 -0400, Walter Goldschmidt wrote:

    > Also the attached file is a dat file, can you even open them types (dat)?


    My client throws an exception error when it tries. Probably doesn't have a
    specified handler for the .dat extension. It is a problem on my end, and one
    I don't normally encounter, so I don't really feel like trying to find a
    solution.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 28, 2010
    #10
  11. Walter Goldschmidt

    Magnus Guest

    You can generally ignore *.dat files. They are mail server "debris" that
    contain routing information. It's unlikely they were part of the original
    message. If you're curious, you can open them with Notepad.

    "Walter Goldschmidt" <> wrote in message
    news:iabvrg$sm6$-september.org...
    > I've only received 1 more of these emails in the last 36 hours which is an
    > improvement. This one had 2 attached files. One is pasted below. Also the
    > original dat file I included in my original posting is included below.
    > Maybe I fixed the problem but I don't know if it's because I changed my
    > Road Runner password or because of the virus scan. I'll post again every
    > day for next few days to let you know if I get anymore. Thanks.
    >
    > Walt
    >
    > This is what the attachment I hac_ked in;to Cla;s said.
    >
    > I hac*ked int;o Cla;ssmates. Do yo;u see your girlfriend pictures h_ere?
    > Neil Rolison
    > To: Waerhg<>;
    >
    > http://spedr.com/4xyr2 Frank is none but also
    > Wait and say where is gone. Surely not yet for god help
    > Mr brass plate and looked out that
    >
    > This is what attached dat file said.
    >
    > al-Date: Tue, 26 Oct 2010 19:04:48 +0000
    > Reporting-MTA: dns; cdptpa-oedge04.mail.rr.com
    >
    > Last-Attempt-Date: Tue, 26 Oct 2010 19:04:48 +0000
    > Final-Recipient: rfc822;
    > Action: failed
    > Remote-MTA: dns; mx4.hotmail.com
    > Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable
    > Status: 5.0.0
    >
    > "N. Miller" wrote in message news:...
    >
    > On Wed, 27 Oct 2010 15:24:12 -0400, Walter Goldschmidt wrote:
    >
    >> Also the attached file is a dat file, can you even open them types (dat)?

    >
    > My client throws an exception error when it tries. Probably doesn't have a
    > specified handler for the .dat extension. It is a problem on my end, and
    > one
    > I don't normally encounter, so I don't really feel like trying to find a
    > solution.
    >
    > --
    > Norman
    > ~Oh Lord, why have you come
    > ~To Konnyu, with the Lion and the Drum
    Magnus, Oct 28, 2010
    #11
  12. I know all about using NotePad to open dat files I figured that out on my
    own. If you read my last post I've included the original dat file at the
    bottom of my post. Also I understand about there not being any such email
    address and that's why I'm getting these messages. I'm not the one sending
    the emails and all I'm concerned about is stopping these irritating emails
    from the Mail Delivery System. They are filling up my Inbox.

    Walt

    "R. C. White" wrote in message
    news:...

    ?Hi, Walt.

    Much furor over nothing, I think.

    Someone is sending emails (doesn't matter what the payload is) using your
    address. The recipient's address is not working for SOME reason, which need
    not concern you. So the addressed server (MSN.com) is "bouncing" the
    message back to what it thinks is the sender - that's YOU. And the Mail
    Delivery System is simply notifying YOU that it can't deliver that mail.

    Often the "failure" message will say that it will keep retrying for 5 days,
    or some other period. But your message says it is a "permanent error"
    because the mailbox is "unavailable". Not just that there is a glitch
    somewhere along the delivery route; the message got as far as msn.com, but
    the recipient's address is invalid for some reason. So, the cycle is
    complete: Sent mail; can't deliver and retrying won't help; put message in
    Bit Bucket (formerly the Dead Letter File when real paper was involved) and
    notify Sender; Case Closed! Next!

    By the way, you can read that .dat file by right-clicking on it and using
    Notepad. But it's not worth the trouble. Here's what it says:
    <paste>
    Arrival-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Reporting-MTA: dns; cdptpa-oedge04.mail.rr.com

    Last-Attempt-Date: Tue, 26 Oct 2010 19:04:48 +0000
    Final-Recipient: rfc822;
    Action: failed
    Remote-MTA: dns; mx4.hotmail.com
    Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable
    Status: 5.0.0
    </paste>

    If this was a valid message that you had actually sent, you could try to
    track it down. But since you didn't send it anyhow, why bother?

    This is one of the most-common nuisances in email. The SPAMMER finds a list
    of address in somebody's address book. Since these "friends" are all
    connected in some way, there's a good chance that any one of them will open
    a message from any other one. So the SPAMMER has a pretty high confidence
    that his message will be read if he makes the recipient think that the
    message is coming from a friend. So he creates his SPAM message and Sends
    it to one of the names, after inserting another of the names into the From
    box. At that point, the SPAMMER's job is done. He doesn't even care if the
    message gets bounced to "the sender".

    Where does the SPAMMER get lists of names? Possibilities are endless, but
    all those chain Forwards (from AOLers and others) with addresses of
    "Everybody you know" - and everybody each of them knows, ad infinitum - are
    prime sources. If only these clueless newbies would just learn to edit out
    all the forwarded addresses... :>(

    Bottom line: YOUR message has now died its natural death. Delete it and
    forget about it.

    RC
    --
    R. C. White, CPA
    San Marcos, TX

    Microsoft Windows MVP (2002-9/30/10)
    Windows Live Mail Version 2011 (Build 15.4.3502.0922) in Win7 Ultimate x64
    SP1 beta


    "Walter Goldschmidt" wrote in message
    news:ia79it$m9j$-september.org...

    Keep getting these emails, about 20 to 30 a day. They say From:Mail Delivery
    System. Subject:Mail Delivery Failure. Then below I have pasted what they
    say. The also have an attached file which I scanned for a virus and found
    none. The attached file is called ATT00069.dat I've attached that file
    but I don't know if it will come through or not. Appreciate any help on
    this.


    Walt

    This message was created automatically by the mail system (ecelerity).

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    >>> (after RCPT TO): 550 Requested action not taken:
    >>> mailbox unavailable




    --------------------------------------------------------------------------------


    ------ This is a copy of the original message, including all headers. ------

    Return-Path: <>
    Authentication-Results: cdptpa-omtalb.mail.rr.com
    smtp.user=; auth=pass (PLAIN)
    X-Authority-Analysis: v=1.1 cv=Inhw+Jdt7z1D3BivGPfn2aw54OvUEJw5lAn/booRZkE=
    c=1 sm=0 a=8YLJaDplg2QA:10 a=IkcTkHD0fZMA:10 a=U6zP4io0eyXriI5kRbCzZQ==:17
    a=d7R94OsRAAAA:20 a=gjV1xc0t9rE_m_cTh2YA:9 a=Z8v8luvMMntYOCPAby4A:7
    a=dGo9NWTa6S_Fgz_JYQY6Zxa1k0oA:4 a=QEXdDO2ut3YA:10 a=F0BH2fg0mm0A:10
    a=U6zP4io0eyXriI5kRbCzZQ==:117
    X-Cloudmark-Score: 0
    X-Originating-IP: 190.41.121.100
    Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    by cdptpa-oedge04.mail.rr.com (envelope-from <>)
    (ecelerity 2.2.3.46 r()) with ESMTPA
    id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    Message-ID: <>
    Date: Tue, 26 Oct 2010 14:04:49 -0500
    From: Devin Rheome <>
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.2.7)
    Gecko/20100713 Thunderbird/3.1.1
    MIME-Version: 1.0
    To: "Webber00799" <>
    Subject: D'o you id;entify m'e o:n that picture?
    Content-Type: text/html; charset=UTF-8
    Content-Transfer-Encoding: 7bit

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    <title>D'o you id;entify m'e o:n that picture?</title>
    </head>
    <body bgcolor="#ffffff" text="#000000">
    <a href="http://LNK.by/edq3P">http://LNK.by/edq3P</a>
    Name was dark eyes and called<br>
    Help thinking as much better. Whether he sat down beside the matter<br>
    Rejoined kate gently at length in short<br>
    <br>
    </body>
    </html>
    Walter Goldschmidt, Oct 28, 2010
    #12
  13. Walter Goldschmidt

    N. Miller Guest

    On Thu, 28 Oct 2010 09:04:54 -0500, R. C. White wrote:

    > Much furor over nothing, I think.
    >
    > Someone is sending emails (doesn't matter what the payload is) using your
    > address.


    Well, except for the fact that the sender appears to be able to log in to
    the Road Runner message submission server using the OP's login credentials.
    I'd consider that very worrisome. If someone were not just posing as me to
    send an email (that has been done to me in the past), but posing as me to
    log in to the message submission server which handles my email (I've never
    had that happen to me!)

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    N. Miller, Oct 28, 2010
    #13
  14. In last 24 hours no more returned emails. Probably changing my Road Runner
    password corrected the problem. I don't remember getting any emails asking
    me to confirm my account details but it is possible that happened and I just
    don't remember. I've been aware of this kind of email asking for account
    details for about 1 or 2 months and I no longer click on the link in my
    email to go to my online accounts. I go to IE Favorites folder and go to my
    sites that way in order to be safe. I'll post the next 2 mornings to let you
    know if I get any more. Thanks everybody.

    Walt

    "N. Miller" wrote in message news:pqmltcx23d7l$...

    On Tue, 26 Oct 2010 15:18:51 -0400, Walter Goldschmidt wrote:

    > Keep getting these emails, about 20 to 30 a day. They say From:Mail
    > Delivery
    > System. Subject:Mail Delivery Failure. Then below I have pasted what they
    > say. The also have an attached file which I scanned for a virus and found
    > none. The attached file is called ATT00069.dat I've attached that
    > file
    > but I don't know if it will come through or not. Appreciate any help on
    > this.


    The attachment is failing to open in my client. The following header line
    from your posted "original message" is interesting:

    | Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    | by cdptpa-oedge04.mail.rr.com (envelope-from
    <>)
    | (ecelerity 2.2.3.46 r()) with ESMTPA
    | id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000

    This is saying that a Road Runner mail server (operated by RR for their
    customers) got the email from a host on the 'Telefonica del Peru' network;
    probably an ISP customer because there is no rDNS on the IP address (typical
    of dynamic hosts in Latin America (LACNIC) and Asia (APNIC).

    The problem, that I can see, is that the Hotmail address of the recipient is
    no good, or the mailbox is full (unlikely, I think, because Hotmail
    mailboxes are pretty large). And this appears to be a Road Runner message
    submission server, which is relaying from Peru. So the spammer appears to be
    using your email account credentials (Username+Password) to induce the Road
    Runner message submission servers to send this spam as you. This will not be
    the first time that an ISP account has been compromised by spammers in order
    to evade port 25 blocks.

    It is unlikely that your computer is compromised. More likely just your Road
    Runner email account has been compromised. When you change your account
    password, consider using a password at least sixteen characters in length,
    and a random mix of upper and lower case alpha characters, numerals, and at
    least one "special character" (pound sign (#), caret (^), or whatever, if RR
    allows.

    This sort of compromise it the target of "phishing" attempts, where an ISP
    email account holder is told that the ESP is revamping their email system,
    and the user must validate their account by sending the account
    Username+Password, or lose that account. I've seen Hotmail and AT&T email
    account users asking if such a request is a valid request from those
    respective services. I am sure that Road Runner users are not exempt from
    such phishing attempts.

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 29, 2010
    #14
  15. Walter Goldschmidt

    Magnus Guest

    Hurrah!

    "Walter Goldschmidt" <> wrote in message
    news:iaefsn$u14$-september.org...
    > In last 24 hours no more returned emails. Probably changing my Road Runner
    > password corrected the problem. I don't remember getting any emails asking
    > me to confirm my account details but it is possible that happened and I
    > just don't remember. I've been aware of this kind of email asking for
    > account details for about 1 or 2 months and I no longer click on the link
    > in my email to go to my online accounts. I go to IE Favorites folder and
    > go to my sites that way in order to be safe. I'll post the next 2 mornings
    > to let you know if I get any more. Thanks everybody.
    >
    > Walt
    >
    > "N. Miller" wrote in message news:pqmltcx23d7l$...
    >
    > On Tue, 26 Oct 2010 15:18:51 -0400, Walter Goldschmidt wrote:
    >
    >> Keep getting these emails, about 20 to 30 a day. They say From:Mail
    >> Delivery
    >> System. Subject:Mail Delivery Failure. Then below I have pasted what they
    >> say. The also have an attached file which I scanned for a virus and found
    >> none. The attached file is called ATT00069.dat I've attached that
    >> file
    >> but I don't know if it will come through or not. Appreciate any help on
    >> this.

    >
    > The attachment is failing to open in my client. The following header line
    > from your posted "original message" is interesting:
    >
    > | Received: from [190.41.121.100] ([190.41.121.100:17547] helo=Devin)
    > | by cdptpa-oedge04.mail.rr.com (envelope-from
    > <>)
    > | (ecelerity 2.2.3.46 r()) with ESMTPA
    > | id 12/1D-13137-F4627CC4; Tue, 26 Oct 2010 19:04:47 +0000
    >
    > This is saying that a Road Runner mail server (operated by RR for their
    > customers) got the email from a host on the 'Telefonica del Peru' network;
    > probably an ISP customer because there is no rDNS on the IP address
    > (typical
    > of dynamic hosts in Latin America (LACNIC) and Asia (APNIC).
    >
    > The problem, that I can see, is that the Hotmail address of the recipient
    > is
    > no good, or the mailbox is full (unlikely, I think, because Hotmail
    > mailboxes are pretty large). And this appears to be a Road Runner message
    > submission server, which is relaying from Peru. So the spammer appears to
    > be
    > using your email account credentials (Username+Password) to induce the
    > Road
    > Runner message submission servers to send this spam as you. This will not
    > be
    > the first time that an ISP account has been compromised by spammers in
    > order
    > to evade port 25 blocks.
    >
    > It is unlikely that your computer is compromised. More likely just your
    > Road
    > Runner email account has been compromised. When you change your account
    > password, consider using a password at least sixteen characters in length,
    > and a random mix of upper and lower case alpha characters, numerals, and
    > at
    > least one "special character" (pound sign (#), caret (^), or whatever, if
    > RR
    > allows.
    >
    > This sort of compromise it the target of "phishing" attempts, where an ISP
    > email account holder is told that the ESP is revamping their email system,
    > and the user must validate their account by sending the account
    > Username+Password, or lose that account. I've seen Hotmail and AT&T email
    > account users asking if such a request is a valid request from those
    > respective services. I am sure that Road Runner users are not exempt from
    > such phishing attempts.
    >
    > --
    > Norman
    > ~Oh Lord, why have you come
    > ~To Konnyu, with the Lion and the Drum
    Magnus, Oct 29, 2010
    #15
  16. Walter Goldschmidt

    N. Miller Guest

    On Fri, 29 Oct 2010 08:49:24 -0400, Walter Goldschmidt wrote:

    > In last 24 hours no more returned emails. Probably changing my Road Runner
    > password corrected the problem. I don't remember getting any emails asking
    > me to confirm my account details but it is possible that happened and I just
    > don't remember. I've been aware of this kind of email asking for account
    > details for about 1 or 2 months and I no longer click on the link in my
    > email to go to my online accounts. I go to IE Favorites folder and go to my
    > sites that way in order to be safe. I'll post the next 2 mornings to let you
    > know if I get any more. Thanks everybody.


    That is good to hear. However, the "phish" may not be the only mechanism to
    compromise account details. I don't know how Road Runner works, but the big
    ESPs ("Email Service Providers"), such as MSN ("Windows Live Hotmail") and
    Yahoo! appear to have had issues with user account details being compromised
    by means other than "phishing". Possibly weak passwords, I suppose, which
    can be "brute forced".

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    N. Miller, Oct 29, 2010
    #16
  17. Thanks guys, I don't use Windows Live Hotmail but I do use the program
    Windows Live Mail.

    Walt

    "N. Miller" wrote in message news:d9tkk9hgw2uk$...

    On Fri, 29 Oct 2010 08:49:24 -0400, Walter Goldschmidt wrote:

    > In last 24 hours no more returned emails. Probably changing my Road Runner
    > password corrected the problem. I don't remember getting any emails asking
    > me to confirm my account details but it is possible that happened and I
    > just
    > don't remember. I've been aware of this kind of email asking for account
    > details for about 1 or 2 months and I no longer click on the link in my
    > email to go to my online accounts. I go to IE Favorites folder and go to
    > my
    > sites that way in order to be safe. I'll post the next 2 mornings to let
    > you
    > know if I get any more. Thanks everybody.


    That is good to hear. However, the "phish" may not be the only mechanism to
    compromise account details. I don't know how Road Runner works, but the big
    ESPs ("Email Service Providers"), such as MSN ("Windows Live Hotmail") and
    Yahoo! appear to have had issues with user account details being compromised
    by means other than "phishing". Possibly weak passwords, I suppose, which
    can be "brute forced".

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 29, 2010
    #17
  18. Great news we can now all sleep at night. No more junk emails. One question,
    how did this guy get my Roadrunner email username and password? Was it a web
    site I visited or something else.

    Walt

    "N. Miller" wrote in message news:...

    On Thu, 28 Oct 2010 09:04:54 -0500, R. C. White wrote:

    > Much furor over nothing, I think.
    >
    > Someone is sending emails (doesn't matter what the payload is) using your
    > address.


    Well, except for the fact that the sender appears to be able to log in to
    the Road Runner message submission server using the OP's login credentials.
    I'd consider that very worrisome. If someone were not just posing as me to
    send an email (that has been done to me in the past), but posing as me to
    log in to the message submission server which handles my email (I've never
    had that happen to me!)

    --
    Norman
    ~Oh Lord, why have you come
    ~To Konnyu, with the Lion and the Drum
    Walter Goldschmidt, Oct 30, 2010
    #18
  19. Walter Goldschmidt

    Magnus Guest

    There's too many unpatched apps and zero day exploits and phishing redirects
    (where you think your logging into a known site)... stay away from those
    p0rn sites ::)

    You're luck this showed up as bounced mail. They could have been sending
    death threats to govmt officials or accessing illegal sites in YOUR name...

    "Walter Goldschmidt" <> wrote in message
    news:iah77g$fb0$-september.org...
    > Great news we can now all sleep at night. No more junk emails. One
    > question, how did this guy get my Roadrunner email username and password?
    > Was it a web site I visited or something else.
    >
    > Walt
    >
    > "N. Miller" wrote in message news:...
    >
    > On Thu, 28 Oct 2010 09:04:54 -0500, R. C. White wrote:
    >
    >> Much furor over nothing, I think.
    >>
    >> Someone is sending emails (doesn't matter what the payload is) using your
    >> address.

    >
    > Well, except for the fact that the sender appears to be able to log in to
    > the Road Runner message submission server using the OP's login
    > credentials.
    > I'd consider that very worrisome. If someone were not just posing as me to
    > send an email (that has been done to me in the past), but posing as me to
    > log in to the message submission server which handles my email (I've never
    > had that happen to me!)
    >
    > --
    > Norman
    > ~Oh Lord, why have you come
    > ~To Konnyu, with the Lion and the Drum
    >
    Magnus, Oct 30, 2010
    #19
  20. Walter Goldschmidt

    ...winston Guest

    MSN still provides subscription based msn.com accounts and free sub
    accounts(msn.com).
    All accounts are accessible in Msft products using the Pop3 or Http
    protocols.

    While MSN did reorganize and move Hotmail and Messenger to the Live
    platform(completed in 2005/06), they retained the subscription base..

    Due to that long term MSN brand name(past and current) many still refer to
    all things Live as MSN...though I notice that reference more from across
    the pond in these continents(Europe, Asia, AU)


    --
    ....winston
    msft mvp mail

    "Ildhund" wrote in message news:iagtqr$euj$-september.org...


    N. Miller wrote...

    big ESPs ("Email Service Providers"), such as MSN ("Windows Live Hotmail")

    I rather thought the connection between MSN and Hotmail was severed a few
    years ago.
    MSN Hotmail becomes Windows Live Hotmail - 7 May 2007
    --
    Noel
    ...winston, Oct 30, 2010
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jackett

    Windows mail read & delivery receipts

    jackett, Dec 11, 2007, in forum: Windows Vista Mail
    Replies:
    2
    Views:
    353
    Frank Saunders MS-MVP IE,OE/WM
    Dec 12, 2007
  2. Nancy

    mail delivery failure

    Nancy, Mar 11, 2008, in forum: Windows Vista Mail
    Replies:
    24
    Views:
    556
    Gary VanderMolen
    Mar 13, 2008
  3. Stacey
    Replies:
    2
    Views:
    291
    PA Bear [MS MVP]
    Sep 22, 2009
  4. Chris
    Replies:
    1
    Views:
    799
    Chris
    May 17, 2005
  5. GregInTrouble

    RE: How to release emails held in Local Delivery queue

    GregInTrouble, Dec 20, 2006, in forum: Windows Small Business Server
    Replies:
    0
    Views:
    514
    GregInTrouble
    Dec 20, 2006
Loading...

Share This Page