Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




4082 posts

Uber Geek
+1 received by user: 1371


Topic # 243533 16-Dec-2018 21:33
Send private message

I am getting a lot of these failed delivery emails to my xtra account ....

 

 

 

Hello, this is the mail server on bisko.win.

 

I am sending you this message to inform you on the delivery status of a

 

message you previously sent.  Immediately below you will find a list of

 

the affected recipients;  also attached is a Delivery Status Notification

 

(DSN) report in standard format, as well as the headers of the original

 

message.

 

In the attachment...

 

Reporting-MTA: dns;bisko.win
X-PowerMTA-VirtualMTA: mta-144.217.22.102
Received-From-MTA: dns;bwada3.xyz (144.217.22.102)
Arrival-Date: Fri, 7 Dec 2018 00:42:47 +0000

 

Final-Recipient: rfc822;zzzzzzzzzzzzzz@xtra.co.nz
Action: failed
Status: 5.7.1 (delivery not authorized)
Remote-MTA: dns;mx.xtra.co.nz (210.55.143.33)
Diagnostic-Code: smtp;554 5.7.1 Message rejected due to possible spam content
X-PowerMTA-BounceCategory: spam-related

 

 

 

Does this mean someone has my xtra email account settings like password? 

 

Or , is it just spam to confuse me? 

 

 

 

 


Filter this topic showing only the reply marked as answer Create new topic
5407 posts

Uber Geek
+1 received by user: 1438

Moderator
Trusted
Lifetime subscriber

  Reply # 2146290 16-Dec-2018 21:41
Send private message

Doesn't look legit



4082 posts

Uber Geek
+1 received by user: 1371


  Reply # 2146292 16-Dec-2018 21:47
Send private message

gehenna: Doesn't look legit

 

You mean these are not real failed delivery reports? 

 

I don't get why people would send these, what is the point? There is only the txt attachment which cannot store malware, no malicious links , maybe just to annoy for the fun of it?


 
 
 
 


3107 posts

Uber Geek
+1 received by user: 396


  Reply # 2146297 16-Dec-2018 21:54
Send private message

It will be using your xtra account (nabbed in previous breaches) as the 'from' address.

 

While sending to another person with the recipient xtra address.

 

And for once, someones mail server is onto it. All those .win domains are commonly what sends the junk survey emails to/from xtra.

 

When its stopped, you get the notification being the apparent sender. My gmail is full of them ironically from the xtra servers attempting detecting spam as it tries to send my xtra aliases to gmail. But not as it arrived.

 

 

This message was created automatically by the mail system (ecelerity). A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

 

xxx (reading confirmation): 554 5.7.1 Message rejected due to possible spam content

 

Reporting-MTA: dns; xtra.co.nz Arrival-Date: Fri, 30 Nov 2018 22:28:53 +0000 Last-Attempt-Date: Fri, 30 Nov 2018 22:28:53 +0000 Remote-MTA: dns; 10.23.30.55 Diagnostic-Code: smtp; 554 5.7.1 Message rejected due to possible spam content Status: 5.7.1 Final-Recipient: rfc822; mygmailacct Action: failed


'That VDSL Cat'
9922 posts

Uber Geek
+1 received by user: 2323

Trusted
Spark
Subscriber

  Reply # 2146311 16-Dec-2018 21:58
Send private message

surfisup1000:

 

Reporting-MTA: dns;bisko.win

 

 

known for being hosted on a OVH server, reports for phishing and email scams.

 

 

 

That's also not how xtra bounces mails.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


3107 posts

Uber Geek
+1 received by user: 396


  Reply # 2146313 16-Dec-2018 22:04
Send private message

hio77:

 

known for being hosted on a OVH server, reports for phishing and email scams.

 

 

 

That's also not how xtra bounces mails.

 

 

If theres binning globally from other hosts to Xtra because of this finally.. YUS!!!!

 

The number of flag-as-spam reports of the originating host being VPS/OVH hosted from the get go of that outburst that peeved everyone off should have instigated something quicker than it did


BDFL - Memuneh
63028 posts

Uber Geek
+1 received by user: 13603

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2146316 16-Dec-2018 22:17
One person supports this post
Send private message

Anyone can use any email on From: and Reply To: fields. Someone is sending using your email address so you receive the DND notifications. If in doubt, change your password, but likely unrelated.







4082 posts

Uber Geek
+1 received by user: 1371


  Reply # 2146317 16-Dec-2018 22:18
Send private message

OK, so there is nothing I can do about it. 

 

I think someone may have actually emailed me once, asking me to stop sending them spam.

 

But I can't do anything about it as it doesn't actually come from me. 

 

 


3107 posts

Uber Geek
+1 received by user: 396


  Reply # 2146319 16-Dec-2018 22:20
One person supports this post
Send private message

surfisup1000:

 

OK, so there is nothing I can do about it. 

 

I think someone may have actually emailed me once, asking me to stop sending them spam.

 

But I can't do anything about it as it doesn't actually come from me. 

 

 

Not really. As an analogy.. 

 

You can slap on a stamp and post a letter of hatemail to someone you don't like. And put your bad santa uncles name and address on the back as a return to sender address.

 

It doesn't mean too much to prove if it was the actual sender..


3107 posts

Uber Geek
+1 received by user: 396


  Reply # 2146660 17-Dec-2018 20:01
Send private message

And if you needed more assurance..

 

One I got today

 

from:Xmas Specials <service @ bisko.win>

 

 

 

Of course it was dropped on the outgoing attempt not the inbound.


21987 posts

Uber Geek
+1 received by user: 4647

Trusted
Subscriber

  Reply # 2146663 17-Dec-2018 20:07
One person supports this post
Send private message

surfisup1000:

 

gehenna: Doesn't look legit

 

You mean these are not real failed delivery reports? 

 

I don't get why people would send these, what is the point? There is only the txt attachment which cannot store malware, no malicious links , maybe just to annoy for the fun of it?

 

 

Get you to click links in the fake bounce to give you malware. Nosy people want to see what they allegedly sent and its from what I was told a very effective way to get clicks.





Richard rich.ms

Filter this topic showing only the reply marked as answer Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Orcon announces new always-on internet service for Small Business
Posted 18-Apr-2019 10:19


Spark Sport prices for Rugby World Cup 2019 announced
Posted 16-Apr-2019 07:58


2degrees launches new unlimited mobile plan
Posted 15-Apr-2019 09:35


Redgate brings together major industry speakers for SQL in the City Summits
Posted 13-Apr-2019 12:35


Exported honey authenticated on Blockchain
Posted 10-Apr-2019 21:19


HPE and Nutanix partner to deliver hybrid cloud as a service
Posted 10-Apr-2019 21:12


Southern Cross and ASN sign contract for Southern Cross NEXT
Posted 10-Apr-2019 21:09


Data security top New Zealand consumer priority when choosing a bank
Posted 10-Apr-2019 21:07


Samsung announces first 8K screens to hit New Zealand
Posted 10-Apr-2019 21:03


New cyber-protection and insurance product for businesses launched in APAC
Posted 10-Apr-2019 20:59


Kiwis ensure streaming is never interrupted by opting for uncapped broadband plans
Posted 7-Apr-2019 09:05


DHL Express introduces new MyDHL+ online portal to make shipping easier
Posted 7-Apr-2019 08:51


RackWare hybrid cloud platform removes barriers to enterprise cloud adoption
Posted 7-Apr-2019 08:50


Top partner named at MYOB High Achievers Awards
Posted 7-Apr-2019 08:48


Great ideas start in Gisborne with hackathon event back for another round
Posted 7-Apr-2019 08:42



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.