SPAM problem - provider cut me off

[jrm]

Having a major problem with MaxBulk mailer.

I manage a few lists. Two are a few hundred names. One is my business' opt-in list with about 10,000 names. I occasionally sent emails to these lists with MaxBulk Mailer. Was using 8.5, then 8.5.1.

I sent a mailing to one of the smaller lists a few days ago. Everything seemed to go fine. It was a styled text format.

Yesterday morning I attempted to send an HTML message to my large list. I have done this before with all the same settings and had no issues.

The mailing was about halfway through when my host contacted by to say we had been hacked. I was told that during the time my MBM mailing was being sent their servers saw a very high level of spam being send through that email address. It was coming from an Asian IP address (I am in NY, USA). They assumed by password was compromised and had me reset it.

Due to problems with the actual email being sent with no body content, I moved back to MBM 8.5. After some testing to a single recipient, I tried to send another mailing.

Same problem. My host has shut down my email address. During the time the mailing was happening, their servers was hit with spam from my address. The host provider was receiving multiple emails from me to an address that is not on my mailing list.

Any idea what is happening here? I can't keep having my email shut down. My provider will no longer allow me to use MBM. Unless I can get this resolved, I will need to find other mailing software or a mailing service.

 

[stanbusk]

MaxBulk Mailer is a standard mail client that uses standard SMTP protocol. When using an insecure connection all SMTP data is transmitted as plain text, same as HTTP, FTP...etc... all internet protocols actually. If someone is listening to your network, especially WiFi networks, he can read all your credentials and then use them. To avoid that they created SSL, secured connections, SMTPS, HTTPS, FTPS... etc... when you use a SSL connection all the SMTP traffic is encrypted so your credentials are sent securely to your server. MaxBulk Mailer supports most SSL types including TLS. It is weird your server did not ask you to simply use SSL :? . On the other hand it would be interesting to check your WiFi network security as well.

 

[jrm]

My wifi network is most likely secure i this context. Unless someone was parked outside my building over a several hour period on all three occasions, I don't see how they would be in range of my network.

The odd thing is, I don't see any evidence that i was hacked by a third party.

The problem only exists while MBM is in the process of sending. The problem begins the moment I hit send and stops the moment sending is terminated. Sending 10k emails is a lengthy process, so the problem persists for a while during the send.

I don't pretend to know all the details of SSL or network security, but it seems to me that if my information was hacked, there would be at least some delay between the first email being sent and the sending account being misused. Moreso, once a third party had that information, I would think they wold try to use it beyond the time my mailing was being sent.

It all doesn't add up. My provider has shown no real interest in helping me find the root cause of the problem. They will simply not let me use MBM for future mailings. I am not only looking for new mailing software, I am also looking for a new host provider. Nothing's easy.

 

[stanbusk]

Are you using a PC? It is possible your computer has been infected by a mailbox trojan? A mailbox trojan is a software that uses your computer and mail accounts to send spam. You can find more info here.

 

[jrm]

I'm on a mac, not a PC.

Frankly, I don't think anyone has accessed my password. I think something else is at play. The problem only occurs when using this one mailing list, and only while email is being sent by MBM. When my mailing starts, the problems start. When my mailing ends, the problems end. If someone had access to this email address, I would expect at least some email to be sent at times when I am not sending.

My provider is allowing me to send a mailing today. This is a much smaller list - about 1,000 names. They will monitor and see what could be going on.

 

[stanbusk]

Do you have other mail software active? Even a regular mail client? When you are authenticated with a server you get granted to send messages, not only MaxBulk Mailer but any software.

There are Trojans on Mac as well, this is not a Window only thing.

 

[jrm]

I realize that Macs can also be infected. Was simply responding to your question regarding platform.

Yes, other clients are active. My desktop, phone and tablet all check mail on various accounts. Could that cause an issue? It hasn't in the past.

Again, I don't think my account or computer has been compromised. I believe there is something else at play which is causing the provider's system to view _my_ messages as some sort of spam. That, to me, is the only logical explanation.

It seems odd that any "attack" on my email would only happen when MBM is sending mail. It doesn't happen prior to that. It ceases immediately when MBM is done with no further occurrences.

After the first problem, we changed passwords. When I tried again, the same exact problem happened during the MBM mailing.

Oddly, it only seems to happen on my larger 10k name list. That was also an HTML message.

So far, there have been no issues with an email I tried today - styled text, about 850 names. I notified provider of exact start time and sent him the MBM completion report. Haven't heard anything yet.

edit to add: just heard back. No issues at all with today's smaller mailing.

Is there something in my HTML message that could cause a problem? Is there something in an email list that could be an issue?