A third-party is accessing my Yola mail

  • 1
  • Problem
  • Updated 7 years ago
  • Solved
Hello,

I've recently received notification that my Yola e-mail account has been suspended due to spamming.I've gone through appropriate actions with the abuse team and am currently appealing the suspension. I've sent adequate proof and documentation that the e-mails were not sent by us. The abuse team has been very helpful in terms of forwarding the documentation to OpenSRS. I am currently awaiting their response.

The suspension, however, is not my main concern. My primary concern is that somebody is accessing our mailbox. I have between 80 and 100 messages that were returned to me as undeliverable. The content of the messages are clearly spam and are written in Dutch. A language that I don't even speak. I have no idea how much of the spam mail actually got delivered and to whom they were delivered. I have reported this problem to the abuse team, but haven't received any feedback. I've also changed the password for the account.

At this point in time, I feel very insecure with Yola mail. I'm asking for your advice in terms of further steps that can be taken.
Photo of davidjohnhood

davidjohnhood

  • 53 Posts
  • 4 Reply Likes
  • frustrated

Posted 7 years ago

  • 1
Photo of Jackie

Jackie

  • 640 Posts
  • 35 Reply Likes
Hi David,

I am sorry to hear that you are frustrated, and I would like to work through this with you. I have reviewed your Yola Mail account, and the spam that was sent from your mailbox was authenticated so there are two things that could have happened:

Your mailbox credentials may have become compromised due to using a public network to access mail or other means. Alternatively your computer may have been infected by a Trojan or was acting as part of a botnet.

We recommend that you run antivirus software, and then change your password using either of the following two options:

To change your password using My Yola, please follow these steps:

- Login to your Yola account and ensure that you are on the My Yola page.
- On the left-hand side, select "Yola Mail".
- If your details are not open for your mailbox, click on the mailbox link "mailbox@mydomain.com" to open the settings.
- Select "Change mailbox password for mailbox" to open the change password settings.
- Enter the new password that you would like to change to in the "Password" field, and confirm this in the "Confirm password" field.
- Click "Change password".

To change your password from within your webmail, please follow these steps:

- On the left-hand side underneath "Settings", select "General".
- Select the "Password" tab.
- Follow the instructions to update your password, and select "Save".

Your password will now be updated, and you can log in to your webmail using your new password.

Please let us know if this resolves the problem.

Thanks!
Photo of davidjohnhood

davidjohnhood

  • 53 Posts
  • 4 Reply Likes
Hello Jackie,

Thank you for your prompt response and your assistance. I run the antivirus and changed my password. I'm just curious to know what my mailbox will be functional again?

Thanks again,

David
Photo of Laura Thomas

Laura Thomas, Social Media Coordinator

  • 4536 Posts
  • 211 Reply Likes
Hi David,

For that you will need to follow up with the Abuse team. I hope OpenSRS addresses your case promptly.
Photo of davidjohnhood

davidjohnhood

  • 53 Posts
  • 4 Reply Likes
Hello again,

I have changed the password in my Yola mailbox. I've also run a virus scan on my computer.Today I received another 10 messages in my mailbox stating that more mail has been returned undeliverable.Similar to before, these e-mails have not been sent by me. Again they are in Dutch. As with about 50 others, they seem to be a receipt for a Dutch bank transaction.This really has me baffled because the mailbox is still under suspension and I cannot send mail. I've attached a screenshot of my Outlook express.

Any advice on this matter would be very helpful.

Thanks again,

David
Photo of Jackie

Jackie

  • 640 Posts
  • 35 Reply Likes
Hi David,

Thank you for providing us with this information. I have spoken with our mail services provider, and they have advised that it is possible that the emails are being spoofed. If this is the case, this would be why there is still spam being sent from your email after you have changed your password.

Would you be able to provide us with a copy of one of these emails including the message headers? The message headers contains the full trace of the message, rather than just the To/From/Date/Subject fields.

You can find instructions on how to obtain the full message headers for different mail clients by searching for " view full headers".

If you are using Microsoft Outlook, here is a link that will provide you with instructions on how to find the message header:
http://office.microsoft.com/en-us/out...

We would also recommend changing your password again and removing your mail account from Outlook to see if this resolves the problem.

Thanks!
Photo of davidjohnhood

davidjohnhood

  • 53 Posts
  • 4 Reply Likes
Hello,

Thank you for your response and information. I have changed my password on the Yola mail server. I have also deleted and re-added account in Outlook. Please find the information contained in the header section of some of the spam e-mails below:

Reporting-MTA: dns; smtpgrave01.b.hostedemail.com
X-Postfix-Queue-ID: 579B64A326B7
X-Postfix-Sender: rfc822; webmaster@filipinocooking.net
Arrival-Date: Tue, 20 Mar 2012 14:57:45 +0000 (UTC)

Final-Recipient: rfc822; info@homeopathie.startpagina.nl
Original-Recipient: rfc822;info@homeopathie.startpagina.nl
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to
homeopathie.startpagina.nl[62.69.179.60]:25: Connection timed out
Reporting-MTA: dns; smtpgrave06.b.hostedemail.com
X-Postfix-Queue-ID: 7D9982A38F
X-Postfix-Sender: rfc822; webmaster@filipinocooking.net
Arrival-Date: Tue, 20 Mar 2012 13:52:07 +0000 (UTC)

Final-Recipient: rfc822; info@w-hasselo.nl
Original-Recipient: rfc822;info@w-hasselo.nl
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to w-hasselo.nl[213.75.77.64]:25:
Connection timed out

This is just an example of a couple of the e-mails, but I think it should help. I hope we are able to rectify this problem. If not, I'm not sure what further actions to take.

Thank you,

David
Photo of Jackie

Jackie

  • 640 Posts
  • 35 Reply Likes
Hi David,

Thanks for this, I have sent it on to our mail services provider, and as soon we we have an update we will let you know.

Please let us know if you continue to receive mail delivery notifications now that you have changed your password and deleted / re-added your account in Outlook.
Photo of Jackie

Jackie

  • 640 Posts
  • 35 Reply Likes
Hi David,

I have received a response from our mail services provider, and I have sent you an email with some questions as it contains some information that can be considered as private.
Photo of Frank

Frank

  • 111 Posts
  • 31 Reply Likes
Visit my website www.cfgbbs.ca I can maybe help, leave message in contact us. I have anti trojan/spyware/anti virus software that may help. Give alternate contact info, can possibly link U to software DL direct FREE.