I am not a programmer so dumb those answers down. I have a forums tab for my site at http://levott.net/cs/ and this appears to be where these strange rejected emails are coming from. The emails I'm getting seem to indicate that I'm sending out an email to a users account that does not exist or at least the email address is not valid. The problem is I'm not sending out any emails via this platform and the email addresses are obviously bogus. The rejected emails addresses are different every time. I have not had any problems with this in the past and over the last week or so have got well over 50 of these "rejected" emails. Is someone trying to hack into my site? Has anyone else got these messages? Below is a sample of the emails I'm getting: Could not deliver message to the following recipient(s): Failed Recipient: [email protected] Reason: Failed to connect to the recipients mail server. No DNS information was found for the 'jcnrkyzug.com' domain. -- The header and top 20 lines of the message follows -- Received: from web135.dotnetplayground.com [192.168.100.108] by postino1.discountasp.net with SMTP; Wed, 9 Sep 2009 23:33:42 -0700 Received: from web135 ([127.0.0.1]) by web135.discountasp.net with Microsoft SMTPSVC(6.0.3790.3959); Wed, 9 Sep 2009 23:33:42 -0700 Content-Base: http://levott.net/cs Content-Location: http://levott.net/cs MIME-Version: 1.0 From: "Levott Community - Automated Email" <[email protected]> To: [email protected] X-Priority: 1 Priority: urgent Importance: high Date: 9 Sep 2009 23:33:42 -0700 Subject: =?utf-8?B?TGV2b3R0IENvbW11bml0eSAtIFlvdXIgQWNjb3VudCBpcyBFbmFibGVkIQ==?= Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 Return-Path: [email protected] Message-ID: <[email protected]> X-OriginalArrivalTime: 10 Sep 2009 06:33:42.0023 (UTC) FILETIME=[A392E970:01CA31E0]
Do you have a "lost password" function on the forum? That's usually the only visitor-generated email from a forum...
There is no "lost password" function on the forum. If the visitor has not signed in and they try to post, we redirect them to our main site www.levott.net to log in. It is very strange, even if it was a current user, they are never allowed to send out emails to anyone besides the webmaster. These emails look like we are sending out an email to someone with a bad email address. I'm thinking about just pulling the forum out to limit my exposure.
are you using some sort of canned application? They may have some security hole that allow unauthorized user to send email.
