Victory Road Network Support Suggestions? Errors? Comments? Questions?
#5
If anyone has received this message, I ask that you delete it immediately. I've only managed to round up about 100 of the e-mail addresses it was sent to in order to issue an apology, so there are likely many others I missed. I've already changed my password.
I'm willing to bet whatever spambot managed to crack in sent a message to everyone I've ever e-mailed from that account from the last 11 years (when I registered the account). >_>
Last edited by Cat333Pokémon; February 20, 2014 at 04:41:40 PM.
#8
AH HA! Thank you, message headers!
Apparently, my account was not hacked. It was delivered by jeffc@st-charles.org operating on the St. Charles Borromeo Catholic Church (in Lima, OH) domain and attempted to be masked by being sent from my address.
Code:
x-store-info: *removed*
Authentication-Results: hotmail.com; spf=none (sender IP is 65.17.128.152; identity alignment result is fail and alignment mode is relaxed) smtp.mailfrom=jeffc@st-charles.org; dkim=none (identity alignment result is pass and alignment mode is relaxed) header.d=aol.com; x-hmca=none header.id=cat333pokemon@aol.com
X-SID-PRA: cat333pokemon@aol.com
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtHRD0yO1NDTD0w
X-Message-Info: *removed*
Received: from bizmail01.wcoil.com ([65.17.128.152]) by BAY0-PAMC2-F3.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Thu, 20 Feb 2014 15:56:04 -0800
Received: from mycomputer (Broadband-Dynamic-119-235-77-39.connect.com.fj [119.235.77.39]) (Authenticated sender: jeffc@st-charles.org) by bizmail01.wcoil.com (Postfix) with ESMTPA id 4DEDA2E82A0; Thu, 20 Feb 2014 18:55:47 -0500 (EST)
From: "=?ISO-8859-1?Q?cat333pokemon=40aol.com?=" <cat333pokemon@aol.com>
To: *addresses removed*
Subject: =?ISO-8859-1?Q?cat333pokemon=40aol.com?=
Date: Thu, 21 Feb 2014 12:55:47 +0100
MIME-Version: 1.0
X-mailer: Microsoft Office Outlook, Build 11.0.5510
Reply-To: cat333pokemon@aol.com
Content-type: Multipart/mixed; boundary="50B60084_390367CB_boundary"
Content-Description: Multipart message
Return-Path: jeffc@st-charles.org
Message-ID: <BAY0-PAMC2-F3zJOTfH0008d898@BAY0-PAMC2-F3.Bay0.hotmail.com>
X-OriginalArrivalTime: 20 Feb 2014 23:56:04.0347 (UTC) FILETIME=[508E34B0:01CF2E97]

--50B60084_390367CB_boundary
Content-type: text/html; charset=UTF-8
Content-Transfer-Encoding: Quoted-printable
Content-Disposition: inline
Content-Description: HTML text

Last edited by Cat333Pokémon; February 20, 2014 at 04:58:50 PM.
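The header comparison made in the post above, written out as an added example (not part of the original thread): it contrasts the visible From address with the envelope sender, the SPF/DKIM verdicts and the login recorded by the submitting server. The function names `domain` and `analyze` are hypothetical, and alignment is simplified to an exact domain match rather than the organizational-domain comparison real receivers use.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Headers copied from the post above, trimmed to the fields used here.
SAMPLE = """\
Authentication-Results: hotmail.com; spf=none (sender IP is 65.17.128.152; identity alignment result is fail and alignment mode is relaxed) smtp.mailfrom=jeffc@st-charles.org; dkim=none (identity alignment result is pass and alignment mode is relaxed) header.d=aol.com; x-hmca=none header.id=cat333pokemon@aol.com
Received: from bizmail01.wcoil.com ([65.17.128.152]) by BAY0-PAMC2-F3.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Thu, 20 Feb 2014 15:56:04 -0800
Received: from mycomputer (Broadband-Dynamic-119-235-77-39.connect.com.fj [119.235.77.39]) (Authenticated sender: jeffc@st-charles.org) by bizmail01.wcoil.com (Postfix) with ESMTPA id 4DEDA2E82A0; Thu, 20 Feb 2014 18:55:47 -0500 (EST)
From: "=?ISO-8859-1?Q?cat333pokemon=40aol.com?=" <cat333pokemon@aol.com>
Return-Path: jeffc@st-charles.org

"""

def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def analyze(raw):
    """Summarise who a message claims to be from versus who submitted it."""
    msg = message_from_string(raw)
    header_from = parseaddr(msg.get("From", ""))[1]
    auth = msg.get("Authentication-Results", "")
    # Verdicts written by the receiving server, e.g. spf=none, dkim=none.
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    # Envelope sender: smtp.mailfrom (Hotmail) or smtp.mail (Google).
    m = re.search(r"smtp\.mail(?:from)?=([^\s;]+)", auth)
    envelope = m.group(1) if m else msg.get("Return-Path", "").strip("<> ")
    # Received headers are prepended, so the last one is the earliest hop.
    # Hops below the first server you trust can be forged by the sender.
    hops = msg.get_all("Received", [])
    origin = hops[-1] if hops else ""
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", origin)
    login = re.search(r"Authenticated sender:\s*([^)\s]+)", origin)
    aligned = bool(header_from) and domain(header_from) == domain(envelope)
    passed = "pass" in (verdicts.get("spf"), verdicts.get("dkim"))
    return {
        "header_from": header_from,
        "envelope_from": envelope,
        "spf": verdicts.get("spf"),
        "dkim": verdicts.get("dkim"),
        "aligned": aligned,
        "origin_ip": ip.group(1) if ip else None,
        "authenticated_as": login.group(1) if login else None,
        # Unaligned From with no passing check: treat the From as unverified.
        "spoof_suspected": not aligned and not passed,
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key:17} {value}")
```
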
#11
Quote:
Dunno if y'all are aware (probably), but Kickstarter was hacked last week or something. I just found out, so gimme a break. D:
#13
|
|||
|
|||
I think more likely it's a box at a church that got infected and was doing this automatically. Just speculation though.
#14
|
||||
|
||||
That's certainly the most plausible explanation. It's probably a bot that does the dirty work for some "master" spam server, which may harvest e-mail addresses from accounts for which it can obtain the password.
Last edited by Cat333Pokémon; February 20, 2014 at 05:28:47 PM.
#19
The spam message was delivered to pretty much everyone I ever sent a message to, from my AOL e-mail account. If I never sent you an e-mail through AOL (or added you to my contacts there), then you didn't get one. It did not use the e-mail addresses stored in Victory Road's database.
Last edited by Cat333Pokémon; February 20, 2014 at 11:41:39 PM.
#21
Quote:
Code:
Return-Path: <SRS0=aBD8Ci=XY=corrum.ca=pdufour@eigbox.net>
Received: from [190.19.254.34] (port=2413 helo=mycomputer) by bosauthsmtp06.eigbox.net with esmtpa (Exim) id 1WGA0i-0007je-1k; Wed, 19 Feb 2014 11:28:37 -0500

Code:
Return-Path: <ggkuhaka@publicservice.go.ke>
Received: from mycomputer (79-100-190-70.btc-net.bg [79.100.190.70]) by mail.publicservice.go.ke (Postfix) with ESMTPSA id 5F1B326854A; Wed, 19 Feb 2014 18:57:25 +0300 (EAT)

Code:
Received: from blu0-omc2-s12.blu0.hotmail.com (blu0-omc2-s12.blu0.hotmail.com [65.55.111.87]) by mtaiw-mab05.mx.aol.com (Internet Inbound) with ESMTP id 930FB70000081 for <cat333pokemon@aol.com>; Fri, 14 Feb 2014 21:15:08 -0500 (EST)
Received: from BLU168-W39 ([65.55.111.71]) by blu0-omc2-s12.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Fri, 14 Feb 2014 18:15:08 -0800
#27
Bumping this thread because it happened again. Same sort of message as the first one, only this time it links to a fake version of Women's Health and my browser's anti-fraud thing actually caught it.
Edit: This spam message, while all the recipients stayed the same, had different headers than the first.
Last edited by linuxlove; April 8, 2014 at 09:41:26 AM.
#28
I don't get it. My contacts list is completely empty now, and I changed my password since then. Judging by this part of the header in the PM you sent me...
Code:
Received: from mail-1.cc.uic.edu (mail-1-456.cc.uic.edu. [128.248.156.182]) by mx.google.com with ESMTPS id a7si4397701iga.43.2014.04.08.10.28.20 for <multiple recipients> (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 08 Apr 2014 10:28:20 -0700 (PDT)
Received-SPF: neutral (google.com: 128.248.156.182 is neither permitted nor denied by domain of cat333pokemon@aol.com) client-ip=128.248.156.182;
Authentication-Results: mx.google.com; spf=neutral (google.com: 128.248.156.182 is neither permitted nor denied by domain of cat333pokemon@aol.com) smtp.mail=cat333pokemon@aol.com
Received: from uic.edu (dsl-189-241-239-129-dyn.prod-infinitum.com.mx [189.241.239.129] (may be forged)) (authenticated bits=0)

In a completely unrelated incident, I personally had trouble with the Sender Permitted From right after the server move, as I forgot to tell the domain name server that "floatzel.net" is a permitted sender for VR's e-mail. Hotmail quickly blocked it because one of its spam filter providers didn't like me sending e-mails with the wrong SPF and wrong hostname on the machine.
In addition to the above, I received a large number of bounce messages from Orange France (that's an ISP):
Quote:
Last edited by Cat333Pokémon; April 8, 2014 at 11:48:42 AM.
#29
Just a quick update. I received the following message from AOL:
Quote:
Last edited by Cat333Pokémon; April 28, 2014 at 11:59:36 AM.