Tried to send email last night from my email account and it failed to send saying the email contained SPAM. Couldn't see anything which might have triggered this. Tried sending myself 2 x test messages – one with no content in the body and one that just said HIYA. Both sent but went into my SPAM folder when received. I clicked the THIS ISN'T SPAM option and it moved them to my inbox. I sent another TEST and again it went into my SPAM folder.
I looked at the Source information and it has some odd info as set out below:
I have deleted some of the code as I wasn't sure if it was secure to leave it all in but there were some references I didn't understand and an IP in Holland which when you check it says it might be an IP registered to Ziggo ?
I have changed my Virgin passwords and ran Bitdefender and another antivirus program and both found nothing.
Have I been hacked and how do I sort it please ?
Thanks in advance.
Return-Path: <t_ >
Received: from md1.tb.ukmail.iss.local ([22.214.171.124])
by mc24.tb.ukmail.iss.local with LMTP id M V45l69OAAAsNwiEA
1. Like VirginMedia, Ziggo is part of the Liberty Global empire and handles some aspects of the overall VM email service.
2. VM’s provider of spam detection software is Cloudmark.
3. Every email passing through the analysis software is assigned a score in the range 0 to 100 where 100 means – certain to be spam. Your quoted example shows a high score of 96 (96% likely to be spam). CMAE is short for CloudMark Analysis Engine.
4. The turnover of changes to the CMAE software is practically non-stop and some false positives can creep in from time to time. These are usually corrected within a short elapsed time.
It might help to know -
a) which OS – Windows, MAC, other
b) which email client - Outlook etc
c) do you have a default signature to your emails and/or URL links to websites?
d) anything else out of the ordinary in your setup – VPNs etc?
e) have you checked if your IP address is on any blacklist? Use MxToolbox (Blacklists) to query that.
Hi and thank you so much for such a comprehensive reply.
I access Virgin email through their web based service but have in the past use Outlook but not for ages.
I usually access it through Edge but have recently logged on through Chrome with Surfshark running as the VPN.
I don't use a signature or put links to websites and the email that first triggered the SPAM message was to a colleague's work email address. It didn't contain anything that I though was an issue.
I have recently changed my settings on Surfshark and wonder if the software used to check for outgoing SPAM has noted changes to the IP addresses used as well as come content in the email. I will try the software you mentioned now and see if that throws anything up. All of the anti-virus and malware software I am running, carrying out deep 5/6 hour scans of every folder say my system is clean and free of any unwanted or dangerous software.
Hi again, not sure if am replying to correct post !
Just used mxtoolbox with Blacklist and everything with my VPN IP was green and ok. When I put it the Ziggo 126.96.36.199 IP address it brought up a few red warnings which might be the reason it was marked as SPAM and would let me send it.
If Ziggo and VM are linked it would appear that this blacklisting is not being caused by software on my pc ? Am I right to think this ? Should I advise VM or as you mentioned would they have realised this and sorted it out ? I have not dared logging onto my email in case it allowed someone control of it even though I changed passwords and everything recommended by VM. I have just sent myself an email and it has the same IP address as above but showed a PASS in the Source code for the message in relation to SPAM. Maybe it was just a blip ?
I suspect that the recent change of VPN IP address has been on one or more blacklists for one or more short periods of time. It is frustratingly difficult to pin down some addresses which are on and off blacklists at very short intervals. The VPN owners are always very quick to request removal from such lists. Can you try sending emails (to self) without using the VPN and report what happens?