This morning I got this email on a seldom used account: (spoiled so it doesn’t take up so much space)
Failure Notice
1 recipients
CC: recipientsYou More
BCC: recipientsYou
Hide Details
FROM:
* MAILER-DAEMON@yahoo.com
TO:
* myemailaddress@yahoo.com
Message flagged
Tuesday, November 29, 2011 7:08 AM
Message body
Sorry, we were unable to deliver your message to the following address.
<*email address for person it claimed to have bounced off of*>:
Remote host said: 554 Service unavailable; Client host [98.138.229.57] blocked using dnsbl.sorbs.net; Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?98.138.229.57 [RCPT_TO]
--- Below this line is a copy of the message.
Received: from [98.138.90.51] by nm32.bullet.mail.ne1.yahoo.com with NNFMP; 29 Nov 2011 13:07:53 -0000
Received: from [98.138.88.233] by tm4.bullet.mail.ne1.yahoo.com with NNFMP; 29 Nov 2011 13:07:53 -0000
Received: from [127.0.0.1] by omp1033.mail.ne1.yahoo.com with NNFMP; 29 Nov 2011 13:07:53 -0000
X-Yahoo-Newman-Property: ymail-5
X-Yahoo-Newman-Id: 714114.53211.bm@omp1033.mail.ne1.yahoo.com
Received: (qmail 78016 invoked by uid 60001); 29 Nov 2011 13:07:53 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1322572073; bh=nC/k3Ki3FVmeZH5FehrMvx37FeSzvsIyohkp70xsH6k=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type; b=Qg0ZmfTbg26wCPOroQVSooi+fLgWOgCrHfQC1tbrrTDu7uHfaoaNGYcAtFp9zXLFuFAAcFB6myINxZkgeQ0iMq91IuIeGPEHAGGgdaQeDZKN7g26bbBC4q21CBvW8hU41gP17sFBLtmrnrk4QyNO8o9TKujC7s5GSwQuFOqrTsk=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type;
b=P9luSnWuCRB5L1XjL+Dul5MOjfQ5wKO7M2i0cIXSOZ3rTzcubBFHLEf+DLsHRuYDO1ca0aSRAm65CoDeaW+BpPksyaSuTBHyLtHcD+BhiRzDqRgdQrWOOTwi3s4b/W+vOTXn3w9KiB+i9nf3KLzrodZHcGto2Gecodv6Vtu8M1w=;
X-YMail-OSG: J4mQV_gVM1nM4WzBBmZgyV7rSbdQOebT9nkp8dDQ8oMOcGX
2QaKkVPuF1uiAV9nWNmo1qbc6gss64Ja449AVCaGiRRs2boy2gFzKilObVSE
u_QyeGUELXs8EIZZUNGT9PrA41X_U8nFMkc2qWxaROGJQHJSGVWkkwTI6Czn
3ZOdw5YxIyYR4PQCte8ETq9iLONa6D0epYMqRi9TaatewXOLD9W3D7.8ZNIK
PsCUy6bavQSzV7pklIVfBnlKNGCtP7CdjQ.1KFbSV7vk2.JEsW_lGw4H3fNH
Z4ZTkfeIHdkKNHnTqLzImp_LaruqAEBo4BsRktYQHcmLB4UAHvquT4WVBwuh
4BC_VcibvOHXwITnD1MCzGyB7Q2j5Q3s3lLebN9y_wXj_oNmmKPclS_DsZA0
1HYkqU6TvCRBWAHH5nOZ5uDvk3whkL3L1kmKyJ1CCgsFoP7nCES.CjwdEnoN
ATdhKOHSAv3SYzy.zh1Y8
Received: from [194.231.197.68] by web114517.mail.gq1.yahoo.com via HTTP; Tue, 29 Nov 2011 05:07:53 PST
X-Mailer: YahooMailWebService/0.8.115.325013
Message-ID: <1322572073.17959.androidMobile@web114517.mail.gq1.yahoo.com>
Date: Tue, 29 Nov 2011 05:07:53 -0800 (PST)
From: Joey P <myemailaddress>
Subject: Take a look at this.
To: **List of email address that I had previously sent email to using this address**
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-1524552598-1023926305-1322572073=:17959"
---1524552598-1023926305-1322572073=:17959
Content-Type: text/plain; charset=us-ascii
<p>Hello<br>I was in need of an alternative this helped me back to my feet this is proof that miracles do exist imagine what you could do<br><a href="http://www.sydjyskfoto.dk/profile/44NicholasBrown/">http://www.sydjyskfoto.dk/profile/44NicholasBrown/</a><br>bye.</p>
---1524552598-1023926305-1322572073=:17959
Content-Type: text/html; charset=us-ascii
<table cellspacing="0" cellpadding="0" border="0"><tr><td valign="top" style="font: inherit;"><p>Hello<br>I was in need of an alternative this helped me back to my feet this is proof that miracles do exist imagine what you could do<br><a href="http://www.sydjyskfoto.dk/profile/44NicholasBrown/">http://www.sydjyskfoto.dk/profile/44NicholasBrown/</a><br>bye.</p>
</td></tr></table>
---1524552598-1023926305-1322572073=:17959--
Reply to:
Reply to MAILER-DAEMON@yahoo.com
Reply to MAILER-DAEMON@yahoo.com
Send
That’s exactly how it looked.
My first thought was that my account got hacked and someone was sending out spam, but for a few reasons I’m not sure that’s the case.
1)I’m ridiculously careful about that kind of stuff and I’m not sure I could be tricked into it.
2)This is a seldom used account. It’s not used for any social networking sites, I never would have typed in the username/password anywhere other then on the webmail page and my phone (it’s a POP3 account).
3)There’s nothing in my sent box.
4)Lastly, and this is what really confuses me, one of the emails listed in the TO: section is one of my other personal email address and I didn’t get anything.
So, I’m trying to figure out if I’m sending out spam or if this email IS the spam and it somehow managed to get a hold of the names of people I’ve sent mail to and put them in the letter to make it look like something I sent.