Possible mailform hijack - or just fake 'from' address?
Having just received more than a dozen 'delivery delayed' and 'undeliverable' emails, I'm wondering whether my on-site mailform has been abused or whether someone is sending mail with a faked 'from' address which corresponds to a domain of mine.
I've had sporadic instances of this previously - about which I've done nothing as I wasn't sure what to do/was too busy/couldn't be bothered. But this quantity makes me take it more seriously.
Obviously the potential for getting my domain mail-blacklisted bothers me - and as there's little I can do about others sending stuff with a faked 'from' address, the issue here is the possible mailform hijack.
The subjects are jibberish (example: "Hjcevpj Pumjr Uuxszpr"), but I'm wondering if this might be because they're being sent in a non-English charset, and the recipients are varied.
Here's an edited example header of the 'bounce' messages, which shows my glvr.com domain as the sender:
Received: from vourpvqu (126.96.36.199) by mail.clstechnology.com
(188.8.131.52) with Microsoft SMTP Server id 14.1.270.1; Mon, 10 Jan 2011
From: Zhgagoo <email@example.com>
Subject: Omwcfnnsb Svnztqyg
Content-Type: multipart/mixed; charset="GB2312";
Date: Tue, 11 Jan 2011 03:29:42 +0800
X-MS-Exchange-Organization-OriginalArrivalTime: 10 Jan 2011 19:31:07.4458
All have the same mail.clstechnology.com component, despite being sent to different domains.