On Tue, Apr 21, 2015 at 10:36 AM, Mark Hounschell <m...@example.com> wrote:
I'm running 13.2 x64 on this particular box. I use thunderbird email. I got a couple of email delivery errors this morning, yet I had sent no emails for some time from this box. I know it's not uncommon for an email address to be spoofed by spammers. I've not had this happen before, at least not like this. I'm sending this email from my box at work BTW. The details of the delivery error are below.
------ This is a copy of the headers of the original message. ------
Return-Path: <m...@example.com> Authentication-Results: example.com smtp.user=m...@example.com; auth=pass (LOGIN) Received: from [127.0.0.1] ([127.0.0.1:00000] helo=@example.com) by example.com (envelope-from <m...@example.com>) (ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTPA id 8F/AC-28519-02975355; Mon, 20 Apr 2015 22:09:37 +0000 Message-ID: <20150420220937.WA9D0.77936.root@example.com> Date: Mon, 20 Apr 2015 18:09:36 -0400 From: <m...@example.com> To: d...@example.com, d...@example.com, u...@example.com, r...@example.com, jim@example.com, r...@example.com, m...@example.com, s...@example.com, u...@example.com, m...@example.com Subject: hey there MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) Sensitivity: Normal X-Originating-IP: from 127.0.0.1 by example.com; Mon, 20 Apr 2015 22:09:36 +0000 X-RR-Connecting-IP: 127.0.0.1 X-Cloudmark-Score: 0
OK, whois says that "X-Originating-IP: from 93.168.159.108" is from Saudi Telecom Company JSC. OK, no big surprise there. And it didn't appear to actually come from my box.
But the "To:" list is what scares me. These are addresses from my thunderbird address book. How can this be? Some of them I haven't sent an email to in years. Others, recently. But never an email to more than one of them at a time.
Dazed and confused Mark --
I'm sorry I'm replying to this posting so long after it was made, but I was occupied elsewhere at the time. Besides the mistake made by the Original Poster is something that can't be undone once made. This is merely for the enlightenment of all us humans here. Mark Hounschell, by neglecting to obfuscate the email addresses in the copied headers in the posting, you have provided another source for email harvesters[1]. When I noticed this, I checked the archived copy of the posting[2], I was glad to see the mailing list software has its obfuscation option turned on. That is not always the case. Please, before posting a request for help, PAUSE, take a deep breath, and consider how the posted data can be used by those interested in other uses. Obfuscation is our only defense. It's not easy to do well without destroying its utility in solving the problem, but the consequences are less than desirable. I'm glad you were able to receive some help from this community. Here's to better skills in obtaining that assistance. (I usually only know about such errors because they have embarrassed me in the past.) 1. http://en.wikipedia.org/wiki/Email_address_harvesting 2. http://lists.opensuse.org/opensuse/2015-04/msg00617.html -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org