It's not to do with hosting, its an auto reply when you email sascha.braun which gave the same aware reply to me, and I'm on a Linux box at home! Thanks, Ash http://www.ashleysheridan.co.uk ----- Reply message ----- From: "Ben Brentlinger" <Ben@xxxxxxxxxxxx> Date: Mon, Nov 1, 2010 08:29 Subject: [PHP] Fwd: Mail delivery failed: returning message to sender To: <php-general@xxxxxxxxxxxxx> it could be that the person whom you tried email has reached the quota on their inbox. It's also possible that the person you tried emailing gave you a fake email address and it's also possible that your domain might be hosted on a cheap hosting account with a company that has been known for other people using their service to host websites that have a bulk mailing script meant for sending spam. The possibility to what could be going on are endless, but out of all the possibilities I can think of, I can't imagine a spammer hijacking your site to send malware from it being one of the more likely possibilities especially if you have a hosting account with cpanel, which is harder to gain unauthorized access to a cpanel hosting account than it is to gain access to a web server's FTP, especially if you allow public FTP uploads to the site, that can be a breading ground for hackers to upload a password sniffing script onto your site via FTP that would track back to their server, which would allow them to hack into your website. Cheap, no name webhosting companies are more likely breading grounds for those kinds of shady charachters. If you have an account with one of those no name companies, I'd recommend changing webhosts immediately, otherwise, you should be ok. If you do, though, and you're not sure who to switch to, I'd recommend hostgator <http://secure.hostgator.com/%7Eaffiliat/cgi-bin/affiliates/clickthru.cgi?id=BenBrent>. They're not as big as 1&1 or Godaddy, but there one of the biggest webhosting companies that use cpanel. I wouldn't recommend any webhosting company that doesn't use cpanel because anything else is either harder to use, not as secure or both. On 11/1/2010 3:56, Ashley Sheridan wrote: > On Sun, 2010-10-31 at 20:06 -0500, Tamara Temple wrote: > >> Is this something I need to worry about?? Is my mail sending some >> malware?? >> >> Begin forwarded message: >> >>> From: Mail Delivery Subsystem<MAILER-DAEMON@xxxxxxxxxx> >>> Date: October 31, 2010 7:37:54 PM CDT >>> To: Tamara Temple<tamouse.lists@xxxxxxxxx> >>> Subject: Mail delivery failed: returning message to sender >>> >>> This message was created automatically by mail delivery software. >>> >>> A message sent by >>> >>> <php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx> >>> >>> could not be delivered to all of its recipients. >>> The following address(es) failed: >>> >>> <sascha.braun@xxxxxxxxxx> >>> >>> The following text was generated during the delivery attempt(s): >>> >>> <sascha.braun@xxxxxxxxxx> >>> (reason: 550 This message contains malware >>> (winnow.malware.wa.webinjection.1450.UNOFFICIAL)) >>> >>> ------ This is a copy of the message, including all the headers. >>> >>> Received: from [192.168.1.110] (helo=mailin01.ims-firmen.de) >>> by mail01.ims-firmen.de with esmtp (Exim 4.69) >>> (envelope-from<php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx >>>> ) >>> id 1PCiPJ-0001i7-R8 >>> for sascha.braun@xxxxxxxxxx; Mon, 01 Nov 2010 01:37:53 +0100 >>> Received: from pb1.pair.com ([76.75.200.58] helo=lists.php.net) >>> by mailin01.ims-firmen.de with esmtp (Exim 4.72) >>> (envelope-from<php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx >>>> ) >>> id 1PCiPs-00047o-Sb >>> for sascha.braun@xxxxxxxxxx; Mon, 01 Nov 2010 01:38:29 +0100 >>> Authentication-Results: pb1.pair.com header.from=tamouse.lists@xxxxxxxxx >>> ; domainkeys=bad >>> DomainKey-Status: bad >>> X-DomainKeys: Ecelerity dk_validate implementing draft-delany- >>> domainkeys-base-01 >>> X-Host-Fingerprint: 76.75.200.58 pb1.pair.com >>> Received: from [76.75.200.58] ([76.75.200.58:2084] helo=lists.php.net) >>> by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP >>> id EF/73-24094-FDB0ECC4 for<sascha.braun@xxxxxxxxxx>; Sun, 31 Oct >>> 2010 19:37:51 -0500 >>> Received: (qmail 51732 invoked by uid 1010); 1 Nov 2010 00:37:02 -0000 >>> Mailing-List: contact php-general-help@xxxxxxxxxxxxx; run by ezmlm >>> Precedence: bulk >>> list-help:<mailto:php-general-help@xxxxxxxxxxxxx> >>> list-unsubscribe:<mailto:php-general-unsubscribe@xxxxxxxxxxxxx> >>> list-post:<mailto:php-general@xxxxxxxxxxxxx> >>> List-Id: php-general.lists.php.net >>> Delivered-To: mailing list php-general@xxxxxxxxxxxxx >>> Received: (qmail 51725 invoked from network); 1 Nov 2010 00:37:02 >>> -0000 >>> Authentication-Results: pb1.pair.com header.from=tamouse.lists@xxxxxxxxx >>> ; sender-id=pass; domainkeys=bad >>> Authentication-Results: pb1.pair.com >>> smtp.mail=tamouse.lists@xxxxxxxxx; spf=pass; sender-id=pass >>> Received-SPF: pass (pb1.pair.com: domain gmail.com designates >>> 209.85.214.170 as permitted sender) >>> X-DomainKeys: Ecelerity dk_validate implementing draft-delany- >>> domainkeys-base-01 >>> X-PHP-List-Original-Sender: tamouse.lists@xxxxxxxxx >>> X-Host-Fingerprint: 209.85.214.170 mail-iw0-f170.google.com >>> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; >>> d=gmail.com; s=gamma; >>> h=domainke
