I've been frequently receiving emails with the subject line "failure notice" and I've included one example below.
Should I be concerned about this and what, if any actions do I have available, as it looks like my email address is being used as the return path.
Note I have changed the details sightly to "mydomain.co.uk", the email that is not mine to "removed_not_my_email@yahoo.com" and my email to "my_email@mydomain.co.uk"
Hi. This is the qmail-send program at mydomain.co.uk.
I tried to deliver a bounce message to this address, but the bounce bounced!
<removed_not_my_email@yahoo.com>:
98.136.217.202 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (removed_not_my_email@yahoo.com) [0] - mta1335.mail.gq1.yahoo.com
--- Below this line is the original bounce.
Return-Path: <>
Received: (qmail 9093 invoked for bounce); 12 Mar 2014 11:08:39 +0100
Date: 12 Mar 2014 11:08:39 +0100
From: MAILER-DAEMON@mydomain.co.uk
To: removed_not_my_email@yahoo.com
Subject: failure notice
Hi. This is the qmail-send program at mydomain.co.uk.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<email@gmail.com>:
173.194.68.26 failed after I sent the message.
Remote host said: 552-5.7.0 This message was blocked because its content presents a potential
552-5.7.0 security issue. Please visit http://support.google.com/mail/bin/answe
552-5.7.0 r.py?answer=6590 to review our message content and attachment content
552 5.7.0 guidelines. s4si12659992qan.75 - gsmtp
--- Below this line is a copy of the message.
Return-Path: <removed_not_my_email@yahoo.com>
Received: (qmail 9089 invoked by uid 110); 12 Mar 2014 11:08:37 +0100
Delivered-To: mydomain.co.uk-my_email@mydomain.co.uk
Received: (qmail 9083 invoked from network); 12 Mar 2014 11:08:37 +0100
Received: from triband-del-59.177.226.218.bol.net.in (59.177.226.218)
by mydomain.co.uk with SMTP; 12 Mar 2014 11:08:32 +0100
Received: from apache by sdsgtchsccutvijfsjftr. with local (Exim 4.63)
(envelope-from <removed_not_my_email@yahoo.com>)
id YMVXBT-G78HLB-XN
for <my_email@mydomain.co.uk>; Wed, 12 Mar 2014 15:38:31 +0530
To: <my_email@mydomain.co.uk>
Subject: Image has been sent my_email
Date: Wed, 12 Mar 2014 15:38:31 +0530
From: "Evernote service" <removed_not_my_email@yahoo.com>
Message-ID: <7CC92FB2B133AA0F3984DE6BA6E33439@sdsgtchsccutvijfsjftr.>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
etc...
There is no verification on the sender in SMTP. Anyone can send email from whatever emailadress they can think of.
Spam & malware is distributed using this fact. Circumventing certain spamfilters because the sender-address/return-path seems legitimate. The notice that 'content presents a potential 552-5.7.0 security issue' could mean that an executable was attached. Maybe harmless, but probably a virus or malware.
Not nice, but also not much you can do about it.
To avoid your email address being used, in the future, as source of this practice, protect your email address. Don't post it on webpages in clear. Use a temporary emailaddress when subscribing to sites and or mailinglists.