Re: Fwd: Mail delivery failed: returning message to sender

Tamara Temple <tamouse.lists@xxxxxxxxx> · Tue, 2 Nov 2010 17:42:43 -0500

On Nov 1, 2010, at 3:29 AM, Ben Brentlinger wrote:

it could be that the person whom you tried email has reached the  
quota on their inbox.  It's also possible that the person you tried  
emailing gave you a fake email address and it's also possible that  
your domain might be hosted on a cheap hosting account with a  
company that has been known for other people using their service to  
host websites that have a bulk mailing script meant for sending  
spam.  The possibility to what could be going on are endless, but  
out of all the possibilities I can think of, I can't imagine a  
spammer hijacking your site to send malware from it being one of the  
more likely possibilities especially if you have a hosting account  
with cpanel, which is harder to gain unauthorized access to a cpanel  
hosting account than it is to gain access to a web server's FTP,  
especially if you allow public FTP uploads to the site, that can be  
a breading ground for hackers to upload a password sniffing script  
onto your site via FTP that would track back to their server, which  
would allow them to hack into your website.  Cheap, no name  
webhosting companies are more likely breading grounds for those  
kinds of shady charachters.  If you have an account with one of  
those no name companies, I'd recommend changing webhosts  
immediately, otherwise, you should be ok.  If you do, though, and  
you're not sure who to switch to, I'd recommend hostgator <http://secure.hostgator.com/%7Eaffiliat/cgi-bin/affiliates/clickthru.cgi?id=BenBrent 
>.

They're not as big as 1&1 or Godaddy, but there one of the biggest  
webhosting companies that use cpanel.  I wouldn't recommend any  
webhosting company that doesn't use cpanel because anything else is  
either harder to use, not as secure or both.

I don't think you understand. I got that bounce back from a response I  
sent to this list from one of my gmail accounts. My message did not  
originate from my personal domain.

See here:
From: Tamara Temple<tamouse.lists@xxxxxxxxx>
To: PHP General<php-general@xxxxxxxxxxxxx>

On 11/1/2010 3:56, Ashley Sheridan wrote:
On Sun, 2010-10-31 at 20:06 -0500, Tamara Temple wrote:

Is this something I need to worry about?? Is my mail sending some
malware??

Begin forwarded message:

From: Mail Delivery Subsystem<MAILER-DAEMON@xxxxxxxxxx>
Date: October 31, 2010 7:37:54 PM CDT
To: Tamara Temple<tamouse.lists@xxxxxxxxx>
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message sent by

 <php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx>

could not be delivered to all of its recipients.
The following address(es) failed:

 <sascha.braun@xxxxxxxxxx>

The following text was generated during the delivery attempt(s):

<sascha.braun@xxxxxxxxxx>
   (reason: 550 This message contains malware
(winnow.malware.wa.webinjection.1450.UNOFFICIAL))

------ This is a copy of the message, including all the headers.

Received: from [192.168.1.110] (helo=mailin01.ims-firmen.de)
	by mail01.ims-firmen.de with esmtp (Exim 4.69)
	(envelope-from<php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx
)
	id 1PCiPJ-0001i7-R8
	for sascha.braun@xxxxxxxxxx; Mon, 01 Nov 2010 01:37:53 +0100
Received: from pb1.pair.com ([76.75.200.58] helo=lists.php.net)
	by mailin01.ims-firmen.de with esmtp (Exim 4.72)
	(envelope-from<php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx
)
	id 1PCiPs-00047o-Sb
	for sascha.braun@xxxxxxxxxx; Mon, 01 Nov 2010 01:38:29 +0100
Authentication-Results: pb1.pair.com header.from=tamouse.lists@xxxxxxxxx
; domainkeys=bad
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-
domainkeys-base-01
X-Host-Fingerprint: 76.75.200.58 pb1.pair.com
Received: from [76.75.200.58] ([76.75.200.58:2084]  
helo=lists.php.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id EF/73-24094-FDB0ECC4 for<sascha.braun@xxxxxxxxxx>; Sun, 31 Oct
2010 19:37:51 -0500
Received: (qmail 51732 invoked by uid 1010); 1 Nov 2010 00:37:02  
-0000
Mailing-List: contact php-general-help@xxxxxxxxxxxxx; run by ezmlm
Precedence: bulk
list-help:<mailto:php-general-help@xxxxxxxxxxxxx>
list-unsubscribe:<mailto:php-general-unsubscribe@xxxxxxxxxxxxx>
list-post:<mailto:php-general@xxxxxxxxxxxxx>
List-Id: php-general.lists.php.net
Delivered-To: mailing list php-general@xxxxxxxxxxxxx
Received: (qmail 51725 invoked from network); 1 Nov 2010 00:37:02
-0000
Authentication-Results: pb1.pair.com header.from=tamouse.lists@xxxxxxxxx
; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com
smtp.mail=tamouse.lists@xxxxxxxxx; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates
209.85.214.170 as permitted sender)
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-
domainkeys-base-01
X-PHP-List-Original-Sender: tamouse.lists@xxxxxxxxx
X-Host-Fingerprint: 209.85.214.170 mail-iw0-f170.google.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       d=gmail.com; s=gamma;
       h=domainkey-signature:received:received:message-id:from:to
        :in-reply-to:content-type:content-transfer-encoding:mime-
version
        :subject:x-priority:date:references:x-mailer;
       bh=1SBvdJiJMqFW3oAPgBXlRPveD1uwTXHSzA8U6+E93g0=;

b 
=XHIyqG6ZzyCKVSLzyPdNuLXtAIWM1ny0zKFupfTsZgMElSrlCA1aJ9FpDUGvgHMQof
        0ygppTTq2fo3499HwTzbRYXQSJ4Z2NiEZfYHmwwoTmuenC9XjYbPk+ZUE3p
+6S4Okbsm
        sSzu18qFOWAGGhJ8dG8LfcDSfhKhRj3R57Yh4=
DomainKey-Signature: a=rsa-sha1; c=nofws;
       d=gmail.com; s=gamma;
       h=message-id:from:to:in-reply-to:content-type
        :content-transfer-encoding:mime-version:subject:x-
priority:date
        :references:x-mailer;
       b=CnWjshGm9zyFaRv0eUKJml94xT5U1Lb
+kEBb503a7VlYtSAWaZm4nK38otH7iJ+Bit
        wr77nJ0SSxoXmaQ/ljQ16IoSGhhXJ9Ew6lOaBE7ntbjibfYnnz7Yzi+sfGt
+8STXjHZx
        LP7Z8lk+uMvIH4gNDGw6CcqWawTHJ3Ll7PX7o=
Message-Id:<30708A14-2818-4B28-87F9-11DB56C40A73@xxxxxxxxx>
From: Tamara Temple<tamouse.lists@xxxxxxxxx>
To: PHP General<php-general@xxxxxxxxxxxxx>
In-Reply-To:<DC.91.40062.3516DCC4@xxxxxxxxxxxx>
Content-Type: text/plain; charset=US-ASCII; format=flowed;  
delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
X-Priority: 3
Date: Sun, 31 Oct 2010 19:36:53 -0500
References:<15.34.06635.E1B1BCC4@xxxxxxxxxxxx>
<p06240800c8f1d19b992f@[192.168.1.2]>  <CE.B0.10139.73C2CCC4@xxxxxxxxxxxx
<94DF613C-6B40-4897-B101-21CF7D83A763@xxxxxxxxx>  <DC.91.40062.3516DCC4@xxxxxxxxxxxx

X-Mailer: Apple Mail (2.936)
Subject: Re:  Watermark with GD
X-Envelope-To: sascha.braun@xxxxxxxxxx
X-Envelope-From: php-general-return-309188-sascha.braun=immosky.ch@xxxxxxxxxxxxx
X-IMS-IP: 76.75.200.58
X-AV-scan: yes

On Oct 31, 2010, at 7:29 AM, Gary wrote:
Thanks for the reply, here is a link to the code of the page.

http://www.paulgdesigns.com/detailcode.php

Ok, that was pretty messy code. But what I could glean from it is
this. (See your code at http://pastie.org/1262989).

Line 238:<table border="2" cellpadding="0" width="100%"><tr><td
width="auto"><div class="WADADetailsMainImageArea"><img
class="WADADetailsMainImage" style="border:#FFFFFF 6px solid"
src="images/<?php echo $row_WADAimages["image_file"]; ?>" alt="<? 
php
echo $row_WADAimages["description"]; ?>" /></div></td><td  
valign="top"
width="25%">  <div class="WADADetailsSubHeading" style="padding- 
left:
15px;">This photo was taken in<?php echo
$row_WADAimages["where_taken"]; ?></div>

You've got an img tag there, indicating the src of:

	images/<?php echo $row_WADAimages["image_file"]; ?>

Is this the image file you want to watermark?

The code there has me confused. Is this all one script? Or is it
multiple scripts?

If it's all one script, it won't work the way you intend. The  
script
emits data before it gets to the point where you have set up to
watermark the image. Thus, the point where you call header to  
change
the Content-type won't work. Then there is more data emitted  
after the
image.

Am I reading this correctly? Is it all one big script?

If it is, what you really need to do, is at the point where you  
want
the watermarked image to appear, is put out some HTML like so:

<img src="watermark.php?src=images/<?php echo
$row_WADAimages["image_file"]; ?>" .. other stuff ..>

Then put that code you've got in lines 247-272 in the script
watermark.php and it should work as is.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Scan your computer just to be on the safe side with an antivirus  
that's
up-to-date. It's likely though that someone just has their filter
mis-configured, as I've seen a lot of messages bounce with odd  
replies
lately.

Thanks,
Ash
http://www.ashleysheridan.co.uk

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php