Computers & Electronics

"undeliverable message" email spam in the hundreds

  • Last Updated:
  • Aug 16th, 2019 5:16 pm
[OP]
Deal Fanatic
Nov 23, 2008
5111 posts
1657 upvotes

"undeliverable message" email spam in the hundreds

Anyone been hit with hundreds of "undeliverable mail" / "mail delivery failed - returned to sender" emails?

I think its someone spoofing my email address somewhere else.
But I'm not really sure what's the point of this, unless its an attempted DDOS attack.
I'm not an important person with any enemies either.

And I'm very sure I have not been hacked.

Anyone know how to stop this?
5 replies
Deal Addict
Feb 18, 2011
1643 posts
743 upvotes
Mississauga
I've had it happen to me, and there isn't much you can do about it. Just set up mail filtering to redirect all of those messages to a quarantine folder and review once a week.

If your email provider has DKIM and SPF set up correctly, it shouldn't be a problem. However, in practice despite having these setup correctly a lot of receiving servers will still send back a mail undeliverable message even though they really shouldn't (because the fake sender wouldn't have been able to authenticate themselves).
Jr. Member
Jul 2, 2009
100 posts
91 upvotes
Toronto
Are you sure your email isn't compromised?

Did you open an attachment and enter your credentials when it prompted you? One of the most common ways someone gets compromised is when this happens.

I suggest you change your email password immediately.
Deal Addict
Jan 21, 2018
4888 posts
4950 upvotes
Vancouver
They weren't to Telus customers, were they? Telus email was down yesterday. (https://www.citynews1130.com/2019/08/15 ... ail-issue/)

A spammer can easily use your email address on thousands of spam emails, resulting in a lot of bouncebacks coming to your inbox. The spammer can't get any replies, but usually that doesn't matter because the email contains a link that the spammer wants recipients to click on. You can usually check the contents of the "undeliverable" email for yourself by looking at the message details.

There is nothing you can do to prevent this. Anyone can use your email address without authorization at any time. The email system was designed decades ago before security was an issue, and it's too simple to prevent this type of abuse. Legitimate email servers have long since added newer functions to prevent users from sending large volumes of spam, and to verify that the source of incoming email is a similar legitimate server and bounce it if not. But nothing stops spammers from using outgoing email servers that don't care.

The real risk to you is that there are a bunch of spam blocking services used by ISPs that are ridiculously careless and inefficient in their algorithms, and they will identify these spam messages as coming from you and put your email on their block list, even though it's obvious the messages are not coming from you if they delved one level deeper. And unfortunately they share block lists with each other, so when your email address ends up on one block list, it quickly shows up on many others. They don't care if they have 90% false positives, and there is no easy way to get them to stop blocking your email once it's on these lists. Don't waste your time attempting to contact them.

So all you can really do is hope that it stops quickly and they move on to using someone else's email address. And if not, change your email address.
[OP]
Deal Fanatic
Nov 23, 2008
5111 posts
1657 upvotes
No it hasn't got anything to do with Telus.

In fact, this has been a recurring problem of mine about once every 2 months, for the past year or more.

Just once in a while there are 2-3 days where I just get flooded with those emails.

I guess my email must be floating around out there somewhere in some hacker lists and it gets re-used once in a while when some new hacker gets a hold of it?
Deal Addict
Feb 18, 2011
1643 posts
743 upvotes
Mississauga
SomeOtherDude wrote: No it hasn't got anything to do with Telus.

In fact, this has been a recurring problem of mine about once every 2 months, for the past year or more.

Just once in a while there are 2-3 days where I just get flooded with those emails.

I guess my email must be floating around out there somewhere in some hacker lists and it gets re-used once in a while when some new hacker gets a hold of it?
They could have gotten your email from a legitimate source, but they can also guess. I have my own domain, and a bunch of emails are "returned" to my catch-all address. Just random addresses like joe@my-domain.com etc.

Top