Help!! My mailbox has been hijacked

[asya]

This is a little unnerving. This morning, I logged on to my site's default mailbox, and found there were 354 messages waiting for me. They were all Mail Delivery Notices from my server.

Apparently, someone has used my mail id to send around 354 (or more if they actually made it to some inboxes) spam emails around the web.

This is bizzare! I am considering putting up an apology on my homepage for people who have been badgered with this nuisance, but what else can I do? I certainly cannot allow this to happen for the second time. Please advise!!!

[netman4ttm]

Use sender policy frame work


http://www.openspf.org/

[dharrison]

Hi Asya

Can I 1st of all ask what type of communication you use on your website: an email address direct on your website or a CGi form script called formmail.pl from MSA?

If its a direct mail link, can I suggest that you rethink and use an enquiry form? It won't stop the amount of spam you receive altogether but it should reduce it considerably.

If, however, its the formmail problem, then go back to the site where you got it from and try downloading the latest version. If its the site I'm thinking it is, they recommend that you download a new version on a regular basis as this reduces any potential misuse. Or even try renaming it eg m2me1.pl

I have had this problem a couple of times in the past as a result of both of these factors. Although email link did tend to result in excessive spam mail rather than the misuse you are experiencing.

HTH

[kgun]

write your email address on a picture and embed that on the site.

If you use a form, use PHP. The hard solution. Encrypt the communication.

If it is a emailharvesting bot, make a script that returns 1 million random email addresses. May be the last time they try.

[blinded]

change password and try to check your system with antyspy ware pro. like norton or outpost.