Delivery Status Notification (Failure)
Returned mail: Service unavailable
Delivery failure

I've been getting a lot of emails with the above subjects (a dozen a day at the peak), and when I look around for an reason why I would get these emails, searches say 'that it's an email delivery problem and I'm sending letters to parties/addresses that no longer exist'. The part that gets me though is that I haven't sent any emails.

Normally I would disregard these emails as spam, but I'm a little concerned that my email account may have been compromised by some sort of virus that's using my account to email others. I'm currently using Gmail if that helps, other than that I can't really think of anything else that may have caused it (unless the MSBlast worm I just killed has something to do with it). If anyone can advice me on this I'd really appreciate it.

Here are two examples of the emails.
======1st Example=======
subject Returned mail: Service unavailable
The original message was received at Tue, 15 Jan 2008 05:24:15 +0800 (CST)
from []
----- The following addresses had permanent fatal errors -----
----- Transcript of session follows -----
mail.local: /var/mail/h/hunwang: Disc quota exceeded
554 <>... Service unavailable
----- Original message follows -----
Return-Path: <>
Received: from ( [])
by (8.8.8/8.8.8) with ESMTP id FAA24200
for <>; Tue, 15 Jan 2008 05:24:15 +0800 (CST)
Received: from ( [])
by (8.12.11/8.12.11) with ESMTP id m0ELOEUM017519
for <>; Tue, 15 Jan 2008 05:24:14 +0800 (CST)
Received: from ([])
by (8.8.8/8.8.8) with SMTP id FAA02693;
Tue, 15 Jan 2008 05:23:50 +0800 (CST)
Received: from by; Fri, 18 Jan 2008 17:15:59 -0400
Message-ID: <>
From: "LV 與 GUCCI 所有產品 皆附原廠紙袋(送禮方便)" <>
Subject: PRADA BR- 黑BR3170
Date: Fri, 18 Jan 2008 23:14:59 +0200
X-Mailer: Internet Mail Service (5.5.2650.21)
MIME-Version: 1.0
Content-Type: multipart/alternative;
X-Priority: 3
X-MSMail-Priority: Normal
X-Brightmail-Tracker: AAAABADs5YoBkSl7Am8/9Aev3IQ=
X-HiNet-Brightmail: Spam

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
.........gibberish follows....

=====2nd Example===== to tsu.kao
Message from
Unable to deliver message to the following address(es).

Sorry your message to cannot be delivered. This account has been disabled or discontinued [#102].

Sorry your message to cannot be delivered. This account has been disabled or discontinued [#102].

--- Original message follows.

X-Originating-IP: []
Return-Path: <>
Received-SPF: neutral ( domain of is neutral about designating as permitted sender)
Authentication-Results:; domainkeys=neutral (no sig)
Received: from (HELO (
by with SMTP; Sat, 12 Jan 2008 09:46:43 +0900
Received: from by; Tue, 15 Jan 2008 18:45:29 -0600
Message-ID: <>
From: "中南部可專案配合500萬以上、聯絡人:朱先生0910-926-146" <>
Subject: 今天看房子.明天撥款.月息2分
Date: Tue, 15 Jan 2008 20:44:29 -0400
X-Mailer: MIME-tools 5.503 (Entity 5.501)
MIME-Version: 1.0
Content-Type: multipart/alternative;
X-Priority: 1
X-MSMail-Priority: High
X-Antivirus: avast! (VPS 080111-0, 11/01/2008), Outbound message
X-Antivirus-Status: Clean

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable











Recommended Answers

All 5 Replies

You might have a virus thats sending out emails from your PC or more likely, someone is spoofing your email address (easy to do if the smtp mail server is unsecured - thats how spam emails can sometimes appear to originate from legitimate companies)

Ran my McAfee and Ad-aware, but I didn't turn up any viruses. Do you have any suggestions for finding out if my computer has been infected?

most likely is that someone is using your userid to send mail thorugh your mail server. Unless your outgoing server has password protection you cant stop this (most ISP servers DONT)

This is phishing or malware spam

It has nothing to do with your computer or your email service. The notices are phake. This is usually used for phishing, advertising, or downloading malware to your computer.

The entire notice was dummied up to fool you. No undeliverable email mentioned in the notice ever existed. The phakers are trying to get you to click on the links in the email. When you do that, they can do whatever they want to you.

In this case, the numbers at the bottom were an attempt to install malware on YOUR computer. It was sanitized by your ISP.

Just throw them out without opening them or following any links.

K thanks Midimagic, that helps a lot. It's nice knowing my account isn't being used by someone else.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.