One of my primary domains is uniQon.com
Someone is spoofing my domain sending out EXE and PIF files which are presumably viruses or trojans under my domain name. What can I do to prevent this? Below are the headers from four spoofed messages. Note that the following email accounts are phony and do NOT exist:
christina@uniqon.com
remove_spam_x@uniqon.com
Boardmeetups@uniqon.com
management@uniqon.com
igrfkowuseskhtwfbcd@uniqon.com
lpdjnaowkxgmlyxcwiq@uniqon.com
#1===============================
Return-path: <texaskerry-unsubscribe@yahoogroups.com>
Envelope-to: meetups@uniqon.com
Delivery-date: Mon, 31 May 2004 12:00:22 -0500
Received: from [68.69.154.236] (helo=D57R0821.net)
by cpanel13.gzo.com with smtp (Exim 4.34)
id 1BUq96-0002rW-5w
for meetups@uniqon.com; Mon, 31 May 2004 12:00:21 -0500
Date: Mon, 31 May 2004 13:00:24 -0500
To: meetups@uniqon.com
Subject: I just need a friend
From: christina@uniqon.com
Message-ID: <igrfkowuseskhtwfbcd@uniqon.com>
#2==============================
Return-Path: <remove_spam_x@uniqon.com>
Received: from nodo50.org (38.Red-80-34-136.pooles.rima-tde.net [80.34.136.38])
by mxzilla7.xs4all.nl (8.12.10/8.12.10) with ESMTP id i4S6rW70092286
for <ecogranada@nodo50.org>; Fri, 28 May 2004 08:53:33 +0200 (CEST)
Message-Id: <200405280653.i4S6rW70092286@mxzilla7.xs4all.nl>
From: remove_spam_x@uniqon.com
To: ecogranada@nodo50.org
Subject: Mail Delivery (failure ecogranada@nodo50.org)
Date: Fri, 28 May 2004 08:54:42 -0500
#3===============================
Received: from metropoli2000.com (38.Red-80-34-136.pooles.rima-tde.net [80.34.136.38])
by mx1.m2kcore.com (Postfix) with ESMTP id B1DAFAC06A
for <info@metropoli2000.com>; Fri, 28 May 2004 08:43:30 +0200 (CEST)
From: remove_spam_x@uniqon.com
To: info@metropoli2000.com
Subject: Re: my website
Date: Fri, 28 May 2004 08:45:03 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <20040528064330.B1DAFAC06A@mx1.m2kcore.com>
#4===============================
Return-path: <Boardmeetups@uniqon.com>
Received: from [68.60.149.25] (helo=matt-s-computer.net)
by cpanel13.gzo.com with smtp (Exim 4.34)
id 1BSDf3-0001S1-Am
for 404078LVZmeetups@uniqon.com; Mon, 24 May 2004 06:30:30 -0500
Date: Mon, 24 May 2004 08:00:40 -0500
To: 404078LVZmeetups@uniqon.com
Subject: Email report
From: management@uniqon.com
Message-ID: <lpdjnaowkxgmlyxcwiq@uniqon.com>
Someone is spoofing my domain sending out EXE and PIF files which are presumably viruses or trojans under my domain name. What can I do to prevent this? Below are the headers from four spoofed messages. Note that the following email accounts are phony and do NOT exist:
christina@uniqon.com
remove_spam_x@uniqon.com
Boardmeetups@uniqon.com
management@uniqon.com
igrfkowuseskhtwfbcd@uniqon.com
lpdjnaowkxgmlyxcwiq@uniqon.com
#1===============================
Return-path: <texaskerry-unsubscribe@yahoogroups.com>
Envelope-to: meetups@uniqon.com
Delivery-date: Mon, 31 May 2004 12:00:22 -0500
Received: from [68.69.154.236] (helo=D57R0821.net)
by cpanel13.gzo.com with smtp (Exim 4.34)
id 1BUq96-0002rW-5w
for meetups@uniqon.com; Mon, 31 May 2004 12:00:21 -0500
Date: Mon, 31 May 2004 13:00:24 -0500
To: meetups@uniqon.com
Subject: I just need a friend
From: christina@uniqon.com
Message-ID: <igrfkowuseskhtwfbcd@uniqon.com>
#2==============================
Return-Path: <remove_spam_x@uniqon.com>
Received: from nodo50.org (38.Red-80-34-136.pooles.rima-tde.net [80.34.136.38])
by mxzilla7.xs4all.nl (8.12.10/8.12.10) with ESMTP id i4S6rW70092286
for <ecogranada@nodo50.org>; Fri, 28 May 2004 08:53:33 +0200 (CEST)
Message-Id: <200405280653.i4S6rW70092286@mxzilla7.xs4all.nl>
From: remove_spam_x@uniqon.com
To: ecogranada@nodo50.org
Subject: Mail Delivery (failure ecogranada@nodo50.org)
Date: Fri, 28 May 2004 08:54:42 -0500
#3===============================
Received: from metropoli2000.com (38.Red-80-34-136.pooles.rima-tde.net [80.34.136.38])
by mx1.m2kcore.com (Postfix) with ESMTP id B1DAFAC06A
for <info@metropoli2000.com>; Fri, 28 May 2004 08:43:30 +0200 (CEST)
From: remove_spam_x@uniqon.com
To: info@metropoli2000.com
Subject: Re: my website
Date: Fri, 28 May 2004 08:45:03 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <20040528064330.B1DAFAC06A@mx1.m2kcore.com>
#4===============================
Return-path: <Boardmeetups@uniqon.com>
Received: from [68.60.149.25] (helo=matt-s-computer.net)
by cpanel13.gzo.com with smtp (Exim 4.34)
id 1BSDf3-0001S1-Am
for 404078LVZmeetups@uniqon.com; Mon, 24 May 2004 06:30:30 -0500
Date: Mon, 24 May 2004 08:00:40 -0500
To: 404078LVZmeetups@uniqon.com
Subject: Email report
From: management@uniqon.com
Message-ID: <lpdjnaowkxgmlyxcwiq@uniqon.com>
Comment