The typical example comes with a fairly common Subject/Sender combination:
Subject: Delivery Status Notification (Failure)
From: “System Administrator” <email@example.com>
However, the “postmaster@” address will be from a randomly spoofed domain, since these emails most likely come from already infected personal computers that are functioning as zombies in a spam bot network. The spoofed domain is never the true sender. For example, the one from “firstname.lastname@example.org” was actually delivered by:
from [22.214.171.124] (helo=isg-109-108-46-163.ivnet.ru) by MailFilter1.onlymyemail.com with esmtp
The domain roomswithviews.com is registered with TUCOWS INC., whereas the IP address above belongs to what appears to be a Russian ISP. Clearly, this either comes from a compromised personal computer, or the ISP itself is allowing someone to send virus attacks.
The faked rejection email’s body generally contains standard language such as:
Note: Forwarded message is attached.
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed.
While this might look like a typical bounced email, what’s noteworthy is that the receiving domain is also spoofed — the bounce is not legitimate either. The person receiving this message never sent the email that’s purportedly being returned.
More importantly, the single attachment doesn’t contain a copy of any legitimate email. These attachments have either “.html” or “.htm” extensions, and are typically named:
- Delivery Status Notification (Failure).htm
- Delivery Status Notification (Failure).html
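The traits described above can be checked mechanically. The following is an added example, not code from the original article or from OnlyMyEmail: it flags a message whose subject claims to be a Delivery Status Notification but which lacks the structure of a standards-based bounce and carries an “.htm”/“.html” attachment. It assumes a genuine bounce follows RFC 3464 (multipart/report with a message/delivery-status part); the function name, finding labels and sample message are constructed for illustration.

```python
import email
from email import policy

# Constructed sample modelled on the message described above (not a real capture).
SAMPLE_FAKE = """\
From: "System Administrator" <postmaster@sender.example>
To: user@recipient.example
Subject: Delivery Status Notification (Failure)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed.
--b1
Content-Type: text/html; name="Delivery Status Notification (Failure).htm"
Content-Disposition: attachment; filename="Delivery Status Notification (Failure).htm"

<html><body>constructed placeholder</body></html>
--b1--
"""

def inspect_bounce(raw):
    """Return a list of findings for a message that presents itself as a bounce."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    claims_dsn = "delivery status notification" in (msg["Subject"] or "").lower()
    # RFC 3464 bounce: multipart/report; report-type=delivery-status,
    # containing a message/delivery-status part.
    report_type = str(msg.get_param("report-type", "")).lower()
    is_report = (msg.get_content_type() == "multipart/report"
                 and report_type == "delivery-status")
    has_status = any(p.get_content_type() == "message/delivery-status"
                     for p in msg.walk())
    if claims_dsn and not (is_report and has_status):
        findings.append("claims-dsn-without-rfc3464-structure")
    # The attachments described above are HTML files, not a returned message.
    for part in msg.walk():
        name = part.get_filename() or ""
        if name.lower().endswith((".htm", ".html")):
            findings.append("html-attachment:" + name)
    return findings

if __name__ == "__main__":
    for finding in inspect_bounce(SAMPLE_FAKE):
        print(finding)
```

Some mail servers send bounces that do not follow RFC 3464, so the first finding is best treated as a scoring signal alongside the attachment check rather than as a verdict on its own.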