Someone posted about this earlier and it was prematurely marked as solved. They were talking about the mass of emails that look like the below screenshots. They are not emails that were actually sent from the email address as is assumed in the solution. They are mass random failures. They are accompanied by emails from GoDaddy support to the admin account saying that the account's password may be compromised and to change it as soon as possible and that sending from 3rd party clients will be suspended until the password has been changed.
Here's the thing, this has happened on 4 of the email accounts in my domain and I have already changed the password on one of them and it's still occurring. These are all different passwords used by different people and the passwords are of the very strong variety.
What's the likely hood of this happening outside of an issue with GoDaddy itself? It appears many others hosted by GoDaddy are experiencing the same situation.
Solved! Go to Solution.
My Emails to Gmail were bouncing with the following error: Delivery to the following recipients was aborted after 20.6 hour(s)
I struggled with this issue for over two months now. The solution, and the only solution that worked for me, is to add
I am suspicious too about the godaddy servers. one email acct is sending me tons of these even though the send file shows no one has sent from inside the acct. changed passwords just in case.
You cant contact godaddy on this,all we have is this board. I think there is a godaddy email compromise somewhere as well. Please let me know if you find out anything. It has happened before but stops. I think a robot mimics or creates a fake email camo'ing as your email. Just like a robo call but these are robo emails.....idea? here is one of mine, but they all basically look the same and are generated in Asian.
Reason: There was an error while attempting to deliver your message with [Subject: "270560558"] to firstname.lastname@example.org. MTA p3plsmtpa06-07.prod.phx3.secureserver.net received this response from the destination host IP - 188.8.131.52 - 550 , 550 Mail content denied [N/rJhc+WcLEC4Q0iLDi4uQNnHL7c3ozBzfTCHn3NZ3QdMLFfZzqobMw=]. http://service.mail.qq.com/cgi-bin/help?subtype=1&&id=20022&&no=1000726
After going through the process of changing my password THREE TIMES, I am finally back in my email account. There were a ton of returned/undeliverable email messages which I never sent, so I'm not sure what happened. It would be nice to know what gives here. SMH
I'm having the exact same issue and followed the same steps of changing all passwords. As there are no other actionable step that we can take, will someone from GoDaddy please investigate the servers to confirm that nothing has been compromised?
Go to this topic: Unauthorized email useage
This explains what happened and how to address it
That doesn't explain whats happening in the slightest.
You're saying that different accounts used by different people across the country, that have changed their own passwords from their own locations, were all compromised by a key logger or malware of some sort? So the same malware on all those machines that are not co-located. On top of that there is an account that is idle, it's never been used and only accessed via the control panel is getting them as well. Did you even read my original post?
Did you read the whole thing I referenced? - Obviously not.
I guessed you missed the spoofing part. That was what happened in my case and fixing the DNS solved the problem.
Yes I read the entire article you referenced. I have long had an SPF statement in the hosts file to prevent this. Next you can explain how accounts that have never been used and don't exist outside of the control panel are being spoofed.
While I suspect GoDaddy has issues, fixing the DNS zone worked for me.
As far as your spoofing question, any email (existing or not) can be spoofed.
I am having the exact same issue on two of my four email accounts. I, too, have changed my passwords a number of times, and yet, this morning, it has happened again. The email relay usage shows the increase in usage on one account of 233 and 0 on the other. Neither account have a password that is used anywhere else.
I've called now at least four times and spoken to them on online chat a few more. This issue is NOT solved. I've changed the password on the account in question five times and am still receiving DOZENS OF these emails every day. I'm going to take my email accounts and put them with Liquid Web. This is ridiculous.
You have it worse than I do. Since I don't use these emails to send from, I set the relay to 0. I will leave it there until godaddy gets their situation squared away.
Having the same issues for a couple of weeks. Ran virus scans 100 times.... Changed passwords 2-3 times a day and still having the issue. Today I could not download any files.
Finally resolved and figured it out.
Go to add and remove programs.
Uninstall your Google Chrome.
Do not reinstall it when asked to.
Go to internet explorer or another browser and search for Chrome.
reinstall Google Chrome from there.
Then log in and once again change your password thru Godaddy.
This has worked for me and hoping it might resolve someone elses problem in here. I still feel this is a Godaddy issue and a virus.
My webmaster went in and changed the DNS record (My site is not hosted on godaddy) and I thought that the issue was resolved. But it's not. I awoke to dozens more *spoofing* emails. And this is clearly a GoDaddy issue. I'm moving my email accounts to a company that values my business and keeps me safe.
Thank you AlbertaArchery. I have the same issue this week again even after changing my password.
First I enabled two step verification in my go daddy account just in case someone had access. But I think this is a case of spoofing. So....I went on the chat with GoDaddy and the rep added the SPF text into my DNS domain that was mentioned in the link someone shared. I hope that fixes it. I will try to update this after I see if there are more failed messages.......
Update on my case - the SPF (or whatever it is) file change in the DNS apparently has not worked. Still getting about 20 bounced fake emails a day. GoDaddy said it would take a few days for the change to be effective but its been 4 days so far.
Next step is to uninstall and re-install the browser as was suggested (going to the browser download site to get the exec file). I am using firefox and chrome so I will have to do both I guess, but I will start with Chrome first as the poster did.