Published by Fabian on 26 Oct 2008 at 12:36 pm
My Outlook Sending Spam
something strange is going on here. My Outlook just sent out some amount of Spam mails.
Well I assume its my outlook, especially as the mailer demons that return me the messages that could not be sent with some header information including my PCs name and outlook information. yikes!
Avast did not find anything, nor did the Vista Defender, nor did Spybot… I am a bit clueless right now….
There was an RPC exploit recently but they said it was only for XP, and my Vista is not showing any pending updates. Strange….
[Update]
I changed my gmail password every day. And today the same thing happened to me again. I am also behind a hardware firewall. This is driving me crazy. So my best bet still is that there is a vulnerability at gmail which allows placing mails in outbox without password.
[Update2]
Wow, there is a flag for SPAM that tells outlook to send more spam if the spam was deleted?
“x-confirm-reading-to header” – Well done Microsoft.
To stop the plague:
in gMail go to Settings -> Filters -> Create a new filter -> Subject: Not Read -> Delete It (checkbox)… Create Filter
Check the Link Trevor posted below for answers
David on 26 Oct 2008 at 6:46 pm #
Hello. I’m having the same problem. I was starting to get a bunch of returned mail in my outlook inbox (through gmail) and thought that it was just normal spams. But then I looked in my outbox and there were all the spams that returned.
I don’t know why my outlook is sending off spams! I’m quite careful about what I install on my PC. I also checked with my anti-virus and nothing there.
Anyone knows what it could be? I hate spam.
Fabian on 26 Oct 2008 at 7:43 pm #
One Additional idea: someone is placing the spam into gmail outbox but not actually sending them. it is then outlook that will send them, thus the messages carry outlook identity information. In that case it could either indicate a hacked gmail account (hmm the PW is just of medium strength) or it is a general gmail exploit.
Johan on 27 Oct 2008 at 4:57 pm #
I’m having the same problem as well. It do look like the mails are actually sent from my computer using outlook (the IPnumber and computer name are correct). I usually use my webmail(squirrel mail) but I had outlook running for ten minutes this morning. During this time I got 10 mailerdaemon returns from variuos places with a spam-like mail being sent from my computer. Scanned the computer with Nod32 and found nothing. Used ThreatExperts memory scanner and found nothing as well. Strange behavior…
Charlie on 30 Oct 2008 at 5:19 pm #
Add me to the list.
Has anyone figured anything out? I can’t find anything irregular on my PC.
Trevor on 30 Oct 2008 at 10:18 pm #
This thread seems to have the answer:
http://forums.techguy.org/general-security/753746-outlook-2007-sending-spam-4.html
Fabian on 30 Oct 2008 at 10:55 pm #
Wow thanks Trevor. That “Not read:” caught also my eye but I never thought it is a “not read receipt” my outlook is sending for spam I did not read. Amazing!
That really blows my mind…