bbs.spamgourmet.com

Since yesterday, my gmail account has received dozens of Viagra spam emails sent to at least a dozen of my spamgourmet addresses.

And I've received a couple of bounce notifications from servers returning undeliverable spam that looks like it was sent from some of my spamgourmet addresses.

Anyone have any idea what might be going on?

We've had a couple of other users reporting something similar. It could be a bunch of harvested address (including many of yours) that are being sent to in blocks of similar addresses? Not sure.

Thanks for the reply Josh.

The spam is to such a wide range of my SG addresses that it seems to me that either the SG server or my Gmail account has been compromised. I guess it's more likely to be my Gmail account.

I also received 4 identical spam emails sent to my gmail address from 4 different spamgourmet addresses. The addresses have nothing to do with each other:

Sunrocket address -- Old VOIP company sunrocket.com
Cheap Phone Cards -- cheapphonecards.com
I am Facing Foreclosure - iamfacingforeclosure.com
Dave and Busters - daveandbusters.com



Here's one of the spam emails in case it helps:

----------------------------------------------------------------------
Delivered-To: <<redacted>>@gmail.com
Received: by 10.231.5.141 with SMTP id 13cs218690ibv;
Mon, 25 Jan 2010 05:13:44 -0800 (PST)
Received: by 10.143.27.18 with SMTP id e18mr4145223wfj.83.1264425224421;
Mon, 25 Jan 2010 05:13:44 -0800 (PST)
Return-Path: <+srocket+<<redacted>>+dde969db22.noreply?message.myspace.com@spamgourmet.com>
Received: from gourmet7.spamgourmet.com (gourmet7.spamgourmet.com [216.75.62.102])
by mx.google.com with ESMTP id 15si6744049pxi.64.2010.01.25.05.13.44;
Mon, 25 Jan 2010 05:13:44 -0800 (PST)
Received-SPF: pass (google.com: domain of +srocket+<<redacted>>+dde969db22.noreply#message.myspace.com@spamgourmet.com designates 216.75.62.102 as permitted sender) client-ip=216.75.62.102;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of +srocket+<<redacted>>+dde969db22.noreply#message.myspace.com@spamgourmet.com designates 216.75.62.102 as permitted sender) smtp.mail=+srocket+<<redacted>>+dde969db22.noreply#message.myspace.com@spamgourmet.com
Received: from spamgourmet by gourmet7.spamgourmet.com with local (Exim 4.63)
(envelope-from <+srocket+<<redacted>>+dde969db22.noreply#message.myspace.com@spamgourmet.com>)
id 1NZOqX-0008Qx-75
for <<redacted>>@gmail.com; Mon, 25 Jan 2010 13:19:13 +0000
Received: from [70.122.228.29] (helo=cpe-70-122-228-29.tx.res.rr.com)
by gourmet7.spamgourmet.com with smtp (Exim 4.63)
(envelope-from <noreply@message.myspace.com>)
id 1NZOqV-0008OR-8s
for srocket.t.<<redacted>>@xoxy.net; Mon, 25 Jan 2010 13:19:11 +0000
Received: from localhost (127.0.0.1) by mail.cpe-70-122-228-29.tx.res.rr.com
(70.122.228.29) with Microsoft SMTP Server id 8.0.685.24; Mon, 25 Jan 2010 07:13:35 -0600
From: "Percocet.Vicodin.Adderall - noreply@message.myspace.com" <+srocket+<<redacted>>+dde969db22.noreply#message.myspace.com@spamgourmet.com>
To: srocket.t.<<redacted>>@xoxy.net
Subject: <<<<<<<<<<<Discount Sale>>>>>>>>>>>> !! (srocket: message 6 of 20)
Date: Mon, 25 Jan 2010 07:13:35 -0600
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Message-Id: <E1NZOqX-0008Qx-75@gourmet7.spamgourmet.com>

<a href="http://xoyoxgot.com">Discount Sale !!</a>
----------------------------------------------------------------------


I don't know if it's just a coincidence, but the url looks similar to xoxy, which is what I use for my addresses.

Yep same here as warrenn....so far 10 address...It seems highly doubtful that the companies that they are from are hacked, I have not seen any real virus/trojan news today.

Same here too. Started about a week ago with my insideredbox.com address. Just assumed they were compromised, as other people there complained about it too. However, in the past 2 days I've received spam on at least 5 different SG addresses.

Is everyone's protected address on gmail? Or are you using other mail servers?

I have other gmail accounts but I'm not getting spam to those. The only spam I'm getting is through my spamgourmet addresses.

It's only spam sent to SG addresses that's getting through gmail's filter. I've always received spam to my gmail address - but gmail has always filtered it out into the Spam folder.

Unfortunately, I have been experiencing the exact same thing. The spam began a couple of weeks ago, to just one of my SG addresses. I assumed that particular address had been compromised, so I reset it to "0" remaining messages.

Then today, I started getting lots and lots of spam to 3 other SG addresses. There's no way it's a coincidence - the addresses they're using are completely unrelated. The content of the messages looks very similar to the one warrenn posted.

Of the 4 SG addresses I've gotten spam from, 2 of them were "@spamgourmet.com", and the other 2 were "@xoxy.net". My protected e-mail address is on gmail.

I too have recently received eight of the same spam messages described in this thread to five of my spamgourmet addresses; this began early this morning. Something is definitely amiss!

At least three of these five aliases were clean (had never been leaked to any spammer). Yet, all of a sudden, they are in the hands of what appears to be the same individual spammer peddling medication.

I do not use Gmail at all. Let me know if I can provide any additional info that may help in figuring out what happened or how to fix it.

I have 9 spam messages to unique, already set up SG addresses.

Same as above, ads for drugs.

Something weird is going on.

Just a ditto on this affecting non-gmail accounts. I'm using fastmail.fm and getting similar spam to spamgourmet addresses that have never been spammed before.

Same issue here.

you all are saying that these addresses weren't public? That is, you provided them to different senders with understanding that they'd be kept confidential by those senders (as opposed to using them for a newsgroup post or something)?

Josh: yup. I've just double-checked and every spam mail I checked was sent to an SG address I'd used for a mailing list belonging to a reputable organisation that's never spammed me before.

(And a heartfelt thank you by the way - I just noticed that my top five SG addresses have thrown away over 15,000 items of spam in the last five years!)