Friday, March 23, 2007

Unusual E-mail Activity

I've been noticing unusual e-mail activities at my nyu account. 3-4 tomes in the past month I've got 'MAILER-DAEMON' failure notice e-mail when I've not send mails at those addresses.

An example is :

Subject failure notice
Hi. This is the qmail-send program at
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

Sorry, no mailbox here by that name. vpopmail (#5.1.1)

So, have other people also been getting such emails too ?
And what could these signify ?


Pooja Verma said...

hey nishank, this is strange... you get invalid recipient responses for addresses not sent! I have not heard of this behavior earlier with anyone... does it still persist?

Nishank said...

it's happened a couple of times after the post also

I'm guessing some kind of bot activity.

david said...

I've gotten a few emails like this.
I'm pretty sure this is what is happening:

* Some spammer you've never heard of is sending email to everyone in an address book.

* The spammer forges someone else's address on the mail he sends out -- in this case, your address. (I'm a little fuzzy on whether he uses the same forged return address on every email in a batch, like a Joe job, or whether each email has a different forged return address, "from" one of the addresses in the address book.)

* Much of them spam gets manually or automatically deleted. But some emails to invalid addresses get bounced to the return address of -- in this case, you.

What can we do about this kind of forgery?
I hear that hashcash helps a little -- it at least slows down spammers so they only send 1 spam in the time they otherwise would send out hundreds.