Help with spoofed e-mails


chibineku

It beggars the belief of most who know it, but we use AOL and have done for a long time. In the last 6 months or so, I have started getting mailer daemon e-mails saying that e-mails I've sent have failed to be delivered. The problem is that I didn't send the e-mails. They are to addresses that were auto-added to my AOL address book and that I've had no occasion to contact for a long time. I've contacted AOL a few times and their helpful suggestion was to change my AOL password. Great, but they already have my e-mail address and my address book and I'm starting to get replies from businesses who are receiving these spoofed e-mails. A stroke of luck is that I finally received one of these e-mails myself and have got the server headers. I am not sure how to decipher them, though. If anyone could help me or point me in the right direction, I would be very grateful. I will of course send the headers to AOL too. In full, they are:

Edit: headers removed as they exposed e-mail addresses for further spamming. I didn't have my head on straight when I posted them.


Tracing mail messages is nearly impossible... why do you think there are so many spammers and so few arrested?

You need to have access to the records of all servers involved, and each server that they point you to. In this case, you need to start with "mx.kundenserver.de (node=mxeu1)". They may contain a record from another server, and that other server from another server, etc. etc. up until one server that may contain the IP of the sender. If the records of any one on the chain are not present, locating from that point on is like looking for a needle in a haystack, and not in the PHP sense.

I suggest you simply stop using AOL. How much of a problem would it be to simply target everyone in your address book, and send them a notice that your email was changed?


It beggars the belief of most who know it, but we use AOL and have done for a long time. In the last 6 months or so, I have started getting mailer daemon e-mails saying that e-mails I've sent have failed to be delivered.

If they're in your account, change your password. No other recourse except changing your email address.

It's also very possible that you're the victim of a "Joe Job", and if that's the case there's not much you can do about it. A joe job is when a spammer uses your email address as their return or "From" address. This is fairly common and there's no way to prevent it. I have one or two domains that get floods of Joe Job emails periodically, sometimes several thousand in a day. There's no real defense against this, as there isn't any way to stop someone from using your address as their "From" address. I hate to say this, but the most practical thing you can do is to ignore it. Don't waste your time trying to hunt the spammer down.
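Added example, not part of any poster's reply: one way to read the server-by-server chain the second reply describes, and to compare the "From" domain with the Return-Path as in the "Joe Job" case from the third reply. The sample message, hostnames and addresses are constructed (the thread's real headers were removed), and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; documentation-only hostnames and IP ranges.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby imap.example.org with ESMTP id abc123; Mon, 1 Jan 2024 10:00:03 +0000
Received: from relay.example.net (relay.example.net [203.0.113.25])
\tby mx.example.org with ESMTP id def456; Mon, 1 Jan 2024 10:00:02 +0000
Received: from unknown (HELO pc) (192.0.2.99)
\tby relay.example.net with SMTP; Mon, 1 Jan 2024 10:00:01 +0000
From: "Victim" <victim@example.com>
To: someone@example.org
Subject: constructed sample

body
"""

HOP = re.compile(r"from\s+(?P<frm>\S+).*?\bby\s+(?P<by>\S+)", re.S)
IP = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")

def received_chain(raw):
    """Return hops oldest-first as (claimed_from_host, ip, by_host) tuples.

    Each server prepends its own Received header, so the newest hop is on top.
    Only hops written by servers you trust (your own provider) are reliable;
    anything below them was supplied by the sending side and can be forged.
    """
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue  # unparseable hop: the trail stops being readable here
        ip = IP.search(value[:m.start("by")])  # IP recorded for the "from" side
        hops.append((m["frm"], ip.group(1) if ip else None, m["by"]))
    return hops

def from_vs_return_path(raw):
    """Domains of the visible From header and of the Return-Path."""
    msg = message_from_string(raw)
    dom = lambda h: parseaddr(msg.get(h, ""))[1].rpartition("@")[2].lower()
    return dom("From"), dom("Return-Path")
```

On the constructed sample the oldest hop is the unnamed host at 192.0.2.99 handing the message to relay.example.net, and the From domain (example.com) differs from the Return-Path domain (mailer.example.net).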
