Weird mail - what's going on?
Tony Nelson
tonynelson at georgeanelson.com
Tue Jan 26 22:41:46 UTC 2010
On 10-01-26 12:37:21, Peter Langfelder wrote:
> Hi all,
>
> I'm working on my laptop where I don't use the local linux mail at
> all (use webmail). Just got a message in the terminal
>
> You have new mail in /var/spool/mail/plangfelder
>
> so I look into /var/spool/mail/plangfelder and see this:
Someone or something, possibly you, used the "mail" (or "mailx")
command to send an email to "your at emailaddress.com", with the subject
"Photos". The address appears to be a default that should be filled in
with a real address. This would have happened about 4 hours before you
got the local mail notification. Think back to what you were doing
then. Perhaps you tried some new software?
> >From MAILER-DAEMON at peter Tue Jan 26 01:05:11 2010
> Return-Path: <MAILER-DAEMON at peter>
> Received: from localhost (localhost)
> by peter (8.14.3/8.14.3) id o0Q93AaU007227;
> Tue, 26 Jan 2010 01:05:11 -0800
> Date: Tue, 26 Jan 2010 01:05:11 -0800
> From: Mail Delivery Subsystem <MAILER-DAEMON at peter>
> Message-Id: <201001260905.o0Q93AaU007227 at peter>
> To: <plangfelder at peter>
> MIME-Version: 1.0
> Content-Type: multipart/report; report-type=delivery-status;
> boundary="o0Q93AaU007227.1264496711/peter"
> Subject: Warning: could not send message for past 4 hours
> Auto-Submitted: auto-generated (warning-timeout)
> Status: RO
>
> This is a MIME-encapsulated message
>
> --o0Q93AaU007227.1264496711/peter
>
> **********************************************
> ** THIS IS A WARNING MESSAGE ONLY **
> ** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
> **********************************************
>
> The original message was received at Mon, 25 Jan 2010 20:40:17 -0800
> from localhost.localdomain [127.0.0.1]
>
> ----- Transcript of session follows -----
> <your at emailaddress.com>... Deferred: Connection timed out with
> emailaddress.com.
> Warning: message still undelivered after 4 hours
> Will keep trying until message is 5 days old
>
> --o0Q93AaU007227.1264496711/peter
> Content-Type: message/delivery-status
>
> Reporting-MTA: dns; peter
> Arrival-Date: Mon, 25 Jan 2010 20:40:17 -0800
>
> Final-Recipient: RFC822; your at emailaddress.com
> Action: delayed
> Status: 4.4.1
> Remote-MTA: DNS; emailaddress.com
> Last-Attempt-Date: Tue, 26 Jan 2010 01:05:11 -0800
> Will-Retry-Until: Sat, 30 Jan 2010 20:40:17 -0800
>
> --o0Q93AaU007227.1264496711/peter
> Content-Type: message/rfc822
>
> Return-Path: <plangfelder at peter>
> Received: from peter (localhost.localdomain [127.0.0.1])
> by peter (8.14.3/8.14.3) with ESMTP id o0Q4eHaT004810
> for <your at emailaddress.com>; Mon, 25 Jan 2010 20:40:17 -0800
> Received: (from plangfelder at localhost)
> by peter (8.14.3/8.14.3/Submit) id o0Q4eHD9004806
> for your at emailaddress.com; Mon, 25 Jan 2010 20:40:17 -0800
> From: Peter Langfelder <plangfelder at peter>
> Message-Id: <201001260440.o0Q4eHD9004806 at peter>
> Date: Mon, 25 Jan 2010 20:40:16 -0800
> To: your at emailaddress.com
> Subject: Photos
> User-Agent: Heirloom mailx 12.4 7/29/08
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: quoted-printable
>
> =
>
> --o0Q93AaU007227.1264496711/peter--
> -----------------------------------------------------------------------------
>
> Anyone has an idea what's going on? Has my laptop been hacked and is
> it being used to send spam?
No.
--
____________________________________________________________________
TonyN.:' <mailto:tonynelson at georgeanelson.com>
' <http://www.georgeanelson.com/>
More information about the users
mailing list