My email is now full of spam, junk. and recently i'm getting alot of postmaster@mail.hotmail.com with

This is an automatically generated Delivery Status Notification.<br></br><br></br>Delivery to the following recipients failed.<br></br><br></br>even though maybe the emails indicated are people i mailed years ago and haven't in long time. <br></br>Or it might indicate a weird email that i never even mailed.<br></br><br></br>anyways i'm getting 7 plus postmaster emails everyday. i dont know why.<br></br>i tried to junk it but it doesn't work.<br></br><br></br>Anyways, <br></br>since it's my main email i can't just stop using it.<br></br>but i hate it's full of junk

delete account and move on

it's just an address

it's good for cleaning out unnecessary contacts

Your account has been hijacked. The delivery failure notifications are because a spammer is sending mail claiming it is FROM YOU. Some of the addresses being spammed are unreachable, and the notifications are coming to you because the systems receiving the mail were told it was from you. They weren't from you, but they were sent from your account.

Close it.

Get a new one.

Do not give the address to anybody. Use spamgourmet.com. Create forwarding addresses for every list you need to get on. If one of those addresses gets leaked and ends up on a mailing list, you just shut that address off.

I have had my address leaked by Renderosity, Orbitz, TJ Maxx, and by a few Rendo users whose accounts got hijacked like yours. In each case, the account that got leaked or hijacked was identifiable, because each of the forwarding addresses I created was unique, and I had given only to that one person or company.

Knowing who got hijacked, I just shut down that alias and gave them a new one to reach me.

Each of the aliases I create, I put the name of the person or company I gave it to. That way I know who got hit.

In the past, all my email addresses got filled with junk by others who got hijacked. Now since NOBODY has my address except spamgourmet.com, I have had the same account, 100% spam free, for 8 years.

PS: Account hijacking is often begun by a drive-by download into your browser. Once there, any web-based accounts for which you have told your browser to automatically remember your password are wide open.

The first thing to do is use two browsers. Use one for reading mail and rendo and such other sites that you trust, visit often, and need a password for.

For general browsing, use another browser. That way if it gets a drive-by, it doesn't matter, because that browser doesn't know any of your passwords.

I use Firefox for that purpose. As well, I run it in private browsing mode so cookies get deleted, history is cleared, etc.

http://www.securelist.com/en/analysis/204792056/Drive_by_Downloads_The_Web_Under_Siege

http://www.theregister.co.uk/2008/06/09/drive_by_download_defences/

http://lifehacker.com/5410941/protect-yourself-from-drive+by-browser-malware-attacks

http://www.zdnet.com/blog/security/google-android-vulnerable-to-drive-by-browser-exploit/2067

Yep bagginsbill is right. I had the same thing happen to me. I deleted and moved on. :)

What if you used that email for many sites including this one, taxes site, etc.

THen how will i get contacted from those sites?

Quote - What if you used that email for many sites including this one, taxes site, etc.

THen how will i get contacted from those sites?

you goto each site and change your details....?

this a trick question?

another useful app to use is Ccleaner. Its free. It cleans all internet and system temp files, cookies, browsing history etc on your computer. You have no idea the amount of crap windows, and firefox saves in your temp folders daily. You can select what temp folders to clear everytime you run the program, but the default settings is fine. Whats nice is that it cleans your registry of all invalid entries aswell. My windows has never ran smoother and as efficient.:)

So this drive by download thing can affect mozilla thunderbird as well as i get the spam failed delivery notifications as well on my ISP email address i use with that.

A lot of these failed delivery reports are because the spammers are spoofing the email system into thinking the fake mails come from you, but they really are not. Its not that hard to do....  Just take a close look at some spam emails, you can tell that with some of them a lot of work was done to make them look very real.

The best way to avoid these notifications is to never print your email address in any public form on the internet, this includes having them on forum posts forum profiles, anywhere that a web bot can read it... thats why sometimes you see people post their emails as "suchandsuch at fakeemailcomp dot com" or variations of that style, they probably dont work as im sure the bots that gather email addresses can probably read that style now...

Basicly the best email security you can have is what bagginsbill said combined with having multiple email accounts, have one for personal stuff with friends and family, one for joining sites, and one for your online public persona.  This way if one ever gets compromised the hit is not too bad !

Thanks guys. I'm now using another email address and changed all sites i registered too to use that email. i dont' really have many email friends so it was easy. i just have 2 and i wrote to them from that new email yesterday and they replied saying oh ok. I had to prove it was me though. not very hard

My personal email address got picked up in a spammer distribution list at some point and over the course of 5 years got to a point where about 98% of the inbound email was spam.  Outlook was filter about 2/3 of it but I fixed it for good by moving my POP services from a mom&pop hoster to godaddy.  About 99% of the spam stopped immediately.  Godaddy must have a well managed spam filter (probably uses a blacklist to filter out spammers SMTP servers).

If your account is on hotmail or gmail or any other web-base email system then I suppose you're SOL.  If it's a private email address (ie. your own domain) then you could look a moving to another hoster that stops spam at the gateway.

a spammer can use your email address as the sender without using your account. Its a fairly simple hack of the header, and many mail systems dont check the sender.

Learn to set the filters on your inbox to split up incoming mail. Web based Email like yahoo may be doing that already, Outlook express and other pc based mail readers you have to do yourself. I send mesages to the admin of the emails that bounce to see if they log IP addresses.Your email provider should be able to tell if their system sent the mail.

If it is coming from your account , change the password, and scan your PC for virus. Download the free Kaspersky (?) or similar scanner.

I have filters for viagra, enlargement, Nigeria, JAL777 (I think - its an airline crash spam letter)  to a spam folder, renderosity, daz etc all go to a newsletters folder.

Quote - Yep bagginsbill is right. I had the same thing happen to me. I deleted and moved on. :)

I just changed my password and deleted all stored history and that cleared it up.

but... but... my real name IS "Viagra N. Largement"!

It may not nescessarily mean your acount was hijacked, it could be that your address book was swiped, or someone who you exchange email with regularly had their address book swiped, and the address is being spoofed.  The only way to be sure is to check the full headers of the email.  In the headers is the origin path, and the return path.  If your email address is only listed in the return path, then someone is using an email spoofer and has your email address on the list (probably swiped from a hijacked address book or account).  If your email address is in BOTH fields, then your account was hijacked.

The lines to look for in headers are:

Return Path: (the address replies and failure notices go to)

X-Originating IP: (the IP of the actual sender - still may be spoofed)

Authentication-Results: (shows every address and router it passed through)

Received: (may have more than one of these - the last one is the actual origin)

From: (the address the email alleges to be from - may be entirely different as well)

There will be a lot of other gobbledegook in the headers too, don't worry about most of that.  The lines above will always help you determine if your email has been compromised when you start getting failure notices for emails you never sent.