Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Failed delivery reports on my xtra email, spam or compromised email account?
surfisup1000

5288 posts

Uber Geek
+1 received by user: 2159


#243533 16-Dec-2018 21:33
Send private message

I am getting a lot of these failed delivery emails to my xtra account ....

 

 

 

Hello, this is the mail server on bisko.win.

 

I am sending you this message to inform you on the delivery status of a

 

message you previously sent.  Immediately below you will find a list of

 

the affected recipients;  also attached is a Delivery Status Notification

 

(DSN) report in standard format, as well as the headers of the original

 

message.

 

In the attachment...

 

Reporting-MTA: dns;bisko.win
X-PowerMTA-VirtualMTA: mta-144.217.22.102
Received-From-MTA: dns;bwada3.xyz (144.217.22.102)
Arrival-Date: Fri, 7 Dec 2018 00:42:47 +0000

 

Final-Recipient: rfc822;zzzzzzzzzzzzzz@xtra.co.nz
Action: failed
Status: 5.7.1 (delivery not authorized)
Remote-MTA: dns;mx.xtra.co.nz (210.55.143.33)
Diagnostic-Code: smtp;554 5.7.1 Message rejected due to possible spam content
X-PowerMTA-BounceCategory: spam-related

 

 

 

Does this mean someone has my xtra email account settings like password? 

 

Or , is it just spam to confuse me? 

 

 

 

 

Filter this topic showing only the reply marked as answer Create new topic
gehenna
8667 posts

Uber Geek
+1 received by user: 3883

Moderator
Trusted
Lifetime subscriber

  #2146290 16-Dec-2018 21:41
Send private message

Doesn't look legit



surfisup1000

5288 posts

Uber Geek
+1 received by user: 2159


  #2146292 16-Dec-2018 21:47
Send private message

gehenna: Doesn't look legit

 

You mean these are not real failed delivery reports? 

 

I don't get why people would send these, what is the point? There is only the txt attachment which cannot store malware, no malicious links , maybe just to annoy for the fun of it?

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #2146297 16-Dec-2018 21:54
Send private message

It will be using your xtra account (nabbed in previous breaches) as the 'from' address.

 

While sending to another person with the recipient xtra address.

 

And for once, someones mail server is onto it. All those .win domains are commonly what sends the junk survey emails to/from xtra.

 

When its stopped, you get the notification being the apparent sender. My gmail is full of them ironically from the xtra servers attempting detecting spam as it tries to send my xtra aliases to gmail. But not as it arrived.

 

 

This message was created automatically by the mail system (ecelerity). A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

 

xxx (reading confirmation): 554 5.7.1 Message rejected due to possible spam content

 

Reporting-MTA: dns; xtra.co.nz Arrival-Date: Fri, 30 Nov 2018 22:28:53 +0000 Last-Attempt-Date: Fri, 30 Nov 2018 22:28:53 +0000 Remote-MTA: dns; 10.23.30.55 Diagnostic-Code: smtp; 554 5.7.1 Message rejected due to possible spam content Status: 5.7.1 Final-Recipient: rfc822; mygmailacct Action: failed



hio77
'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified
Trusted
Lizard Networks
Subscriber

  #2146311 16-Dec-2018 21:58
Send private message

surfisup1000:

 

Reporting-MTA: dns;bisko.win

 

 

known for being hosted on a OVH server, reports for phishing and email scams.

 

 

 

That's also not how xtra bounces mails.




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have. 

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #2146313 16-Dec-2018 22:04
Send private message

hio77:

 

known for being hosted on a OVH server, reports for phishing and email scams.

 

 

 

That's also not how xtra bounces mails.

 

 

If theres binning globally from other hosts to Xtra because of this finally.. YUS!!!!

 

The number of flag-as-spam reports of the originating host being VPS/OVH hosted from the get go of that outburst that peeved everyone off should have instigated something quicker than it did

freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41029

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2146316 16-Dec-2018 22:17
Send private message

Anyone can use any email on From: and Reply To: fields. Someone is sending using your email address so you receive the DND notifications. If in doubt, change your password, but likely unrelated.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

 
 
 
 

Shop now for Lego sets and other gifts (affiliate link).
surfisup1000

5288 posts

Uber Geek
+1 received by user: 2159


  #2146317 16-Dec-2018 22:18
Send private message

OK, so there is nothing I can do about it. 

 

I think someone may have actually emailed me once, asking me to stop sending them spam.

 

But I can't do anything about it as it doesn't actually come from me. 

 

 

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #2146319 16-Dec-2018 22:20
Send private message

surfisup1000:

 

OK, so there is nothing I can do about it. 

 

I think someone may have actually emailed me once, asking me to stop sending them spam.

 

But I can't do anything about it as it doesn't actually come from me. 

 

 

Not really. As an analogy.. 

 

You can slap on a stamp and post a letter of hatemail to someone you don't like. And put your bad santa uncles name and address on the back as a return to sender address.

 

It doesn't mean too much to prove if it was the actual sender..

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #2146660 17-Dec-2018 20:01
Send private message

And if you needed more assurance..

 

One I got today

 

from:Xmas Specials <service @ bisko.win>

 

 

 

Of course it was dropped on the outgoing attempt not the inbound.

richms
29097 posts

Uber Geek
+1 received by user: 10206

Trusted
Lifetime subscriber

  #2146663 17-Dec-2018 20:07
Send private message

surfisup1000:

 

gehenna: Doesn't look legit

 

You mean these are not real failed delivery reports? 

 

I don't get why people would send these, what is the point? There is only the txt attachment which cannot store malware, no malicious links , maybe just to annoy for the fun of it?

 

 

Get you to click links in the fake bounce to give you malware. Nosy people want to see what they allegedly sent and its from what I was told a very effective way to get clicks.




Richard rich.ms

Filter this topic showing only the reply marked as answer Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright