[Dshield] mail server does not like unspecified recipient

Mark Owen mr.markowen at gmail.com
Wed Aug 30 17:51:12 GMT 2006


On 8/29/06, Abuse <abuse at what4now.com> wrote:
>
>
> Impossible to tell from the "bounce" messages because you do not know all
> of
> the destination email addresses.  You need to look at the mail logs to see
> what
> happened.  The headers look like the email was TO one email address  and
> sent
> to a different email address, maybe by bcc (the TO and actual sending
> email
> address do not have to agree).
>
> I would guess that if some computer was compromised it would be the user's
> machine.
>
> A personal note, I don't think much of the RECEIVED header lines
> (identifying
> the original sender).  I don't know if that is what gmail defaults to or
> someone configured it that way.
>

What gets me is that the NET FOLDERS update is an automatic message
generated within Outlook.  That means the TO, CC, and BCC was generated by
Outlook.  Any other receipients have to be added from a malicious plugin
within Outlook or somewhere else down the line.

-- 
Mark Owen


More information about the list mailing list