Ok - I'm a fairly savvy techy guy, etc. However, I may have a problem that I'm not sure how to handle.

Basically, I'm receiving tons and tons of "undeliverable" emails from Mail Delivery Subsystem [MAILER-DAEMON@aol.com] with Returned mail: Service unavailable in the subject line. There are always two attachments: details.txt & ATT00537.txt

Here is an excerpt from one of the body's of text of the email:


The original message was received at Tue, 19 Aug 2003 21:22:47 -0400 (EDT) from [12.149.190.66]

*** ATTENTION ***

Your e-mail is being returned to you because there was a problem with its delivery. The address which was undeliverable is listed in the section
labeled: "----- The following addresses had permanent fatal errors -----".

The reason your mail is being returned to you is listed in the section
labeled: "----- Transcript of Session Follows -----".

The line beginning with "<<<" describes the specific reason your e-mail could not be delivered. The next line contains a second error message which is a general translation for other e-mail servers.

Please direct further questions regarding this message to your e-mail administrator.

--AOL Postmaster

----- The following addresses had permanent fatal errors ----- <tamaralynn3@aol.com>

----- Transcript of session follows -----
... while talking to air-xb01.mail.aol.com.:
>>> DATA
<<< 554 TRANSACTION FAILED - Unrepairable Virus Detected. Your mail has not been sent. 554 <tamaralynn3@aol.com>... Service unavailable



I'm running WinXP SP1 and use Norton's Internet Security/NAV and keep it updated and scan on a daily basis. I've searched Symantec's site for anything related to the air-xbox1.mail.aol.com entry from the text above to no avail. I also searched using Google and also used Sysopt's search engine with no luck. Any help is greatly appreciated.

Thanks much!

Not claiming expertise here but - if this began sometime today - check with your isp or aol - maybe the problem is one of the servers.

Maybe I can help... To paraphrase what a ISP help tech told me to do way back when....

Go to a C: prompt by rebooting and holding down the F8 or Ctrl key on your keyboard. Once there you will see 5 options, one of which is "command prompt". scroll to this option, and when you have a C:\> prompt..type FORMAT C: and hit enter.

guaranteed to solve all of your current problems on your C:\ drive!.

Good one Bovon! ;)

I did email my ISP with some info to see what they say (if anything!)

Sorry - l thought the problem was 'sending' email...? :eek:

Originally posted by Bovon
Maybe I can help... To paraphrase what a ISP help tech told me to do way back when....

Go to a C: prompt by rebooting and holding down the F8 or Ctrl key on your keyboard. Once there you will see 5 options, one of which is "command prompt". scroll to this option, and when you have a C:\> prompt..type FORMAT C: and hit enter.

guaranteed to solve all of your current problems on your C:\ drive!.


I've tried that as well. The screen just goes blank.

The "perception" from reading thru all the undeliverable email messages is that someone is using my email address to send emails to a TON of folks. I'm not sending any emails, but have received 12 to 15 undeliverable email messages in the past 2 hours or so.

I'm on a high-speed cable connection, but am using Norton's firewall and am pretty careful. So, I'm not sure if there is actually a threat or hacker who figured their way in or is it just a trojan horse type of program wanting me to think someone is hacked in..... simply not sure yet.

Could be a real pain if someone has your password for access..

Hmm... don't know what to suggest but u should do it soon.

I'm leaning toward someone else being infected with a virus who happens to have my email address in his address book and the virus is placing my email addy in the FROM field, etc. .... again, where it gives the appearance that I am sending the email. I've seen this kind of thing before.

SoBig.F virus

http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html


But even those who weren’t directly infected with the virus were struggling with it. When it replicates, the virus “spoofs” the sending e-mail address. That means the “From:” line is faked, selected from a list of e-mail addresses culled off the Internet. Users unlucky enough to be used in SoBig’s “From” line can get hundreds of SoBig-related complaints, including automated bounce messages saying the virus didn’t reach its recipient, or irate messages from recipients who think they’ve been sent a computer virus.

Originally posted by Woodcycl
I'm leaning toward someone else being infected with a virus who happens to have my email address in his address book and the virus is placing my email addy in the FROM field, etc. .... again, where it gives the appearance that I am sending the email. I've seen this kind of thing before.

That's exactly what is happening.

Aaaaaaaagh http://news.bbc.co.uk/1/hi/technology/3164861.stm

what about calling your isp and asking to cancel your account and then get a new e-mail address. send out an e-mail to all your contacts informing them. if u dont want to change ur address what about asking your isp if they have on file a log of when the e-mail server was connected to, that way you can tell if someone else has conneceted to the server w/ ur username/pass

maybe he could setup a rule to delete messages off the server that have a certain string, maill undeliverable, in the subject.

He doesn't need to do anything but wait. It will pass when the cluetard(s) who is infected (probably with SoBig) finally realizes it.

Originally posted by mpc2
He doesn't need to do anything but wait. It will pass when the cluetard(s) who is infected (probably with SoBig) finally realizes it.

if you can wait that ought to do the trick, or unfortunately you may want to go ahead and get a new e-mail address

I used - for years - an altavista.net free e-mail and their forwarding because before I went to cable I used a couple of different ISPs (even got burned with one that offered the "lifetime" option for $200 - they were failing and wanted to rip off as many people as they could before they went down)

anyway - had that e-mail since 1994, then the domain is cancelled (I got no notice) took two weeks of grief as it was my business consulting e-mail - if you do change your e-mail and use Outlook add a vcard, or your new e-mail address in your signature

and you can try Return Path (http://www.returnpath.net/)

it was some help for me, especially for some people who hadn't tried to reach me for months or so :t

When i used AOL, i had that problem. Do the people your sending e-mails to recieve them?

It is probably not on your end, i think it is on AOL's server or the person you are sending mail to's system. I set up a hotmail and SETI mail account and they work fine

Are they always from tamaralynn3@aol.com? Do you know that e-mail address?

Wait are the emails that are returned actualy ones you sent, if so it's a server or a virus issue, If you don't know the people whos mail was returned, someone has you password and screen name and is using it to send spam, change your password at once if that is case.

Dude, all you gotta do is wait it out 'til Sept 10, and/or get the fix for the SOBIG F virus at
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
Take Care.:D