I think i'm being used to send spam - Please Help!

[cetutnx1]

Today i was reading my email when i found this:

A message from <XXXXXXX> to:
-> <info> at <cestpasdesmanieres><.><org>

was considered unsolicited bulk e-mail (UBE).

Our internal reference code for your message is 28729-02/HnM0Cuiw+yGZ

The message carried your return address, so it was either a genuine mail
from you, or a sender address was faked and your e-mail address abused
by third party, in which case we apologize for undesired notification.

We do try to minimize backscatter for more prominent cases of UBE and
for infected mail, but for less obvious cases of UBE some balance
between losing genuine mail and sending undesired backscatter is sought,
and there can be some collateral damage on both sides.

First upstream SMTP client IP address: [87.249.15.103] unknown
According to a 'Received:' trace, the message originated at: [87.249.15.103],

Return-Path: <XXXXXXX>
Message-ID: <20070517093711.10525.qmail@opt2>
Subject: RE: MensHealth! - 1102185

Delivery of the email was stopped!

I have only 1 script in my page that sends email and i beleave that it was secure...

I'm going to post the script... to see if any one can helpme..., what i need moustly is a page("Tutorial type"), where i can see my errors, or if any one here can helpme
Edit:
I speak spanish, so this script is a little bit on spanish

<?php
define('ACCESS', true);
require("config.php");
$title="Centro de Estudiantes Tecnólogicos - Agregar Mail";
$display = "yes";
include("includes/header.inc");
include("includes/top.inc");
?>
<!--Contenido-->
   <div id="contenido">
    <a name="arriba" id="arriba">&nbsp;</a>
    <h1>Agrega tu E-Mail</h1>
<?php
if( $action == "" ) {
	$email = $_POST['email'];
	$email = trim($email);
	$email = strtolower($email);
	//Chekeo que algunas de las variables principales esté vacía
	if( ($email == "") || ($carrera == "") ) {
		if($email == "") {
			printf("$messages[blanke]\n");
		?>
   </div>
<!--/Contenido-->
<?php
			include("includes/menu.inc");
			include("includes/footer.inc");
			exit;
		}
		elseif($carrera == "") {
			printf("$messages[blankc]\n");
		?>
   </div>
<!--/Contenido-->
<?php
			include("includes/menu.inc");
			include("includes/footer.inc");
			exit;
		}
	}
	else {
		//Chequeo que exista el archivo, de lo contrario lo creo
		if(!file_exists($file)) {
			$newfile = fopen($file,"w+");
			$out="Dirección de correo electrónico";
			fwrite($newfile, $out);
			fclose($newfile);
		}

		//Abro el archivo
		$allf = "newsletter/lists/contactos_all.csv";
		$all = fopen($allf,"r");
		$contentall = fread($all, filesize($allf));
		$out="";
		
		//Abro el archivo
		$newfile = fopen($file,"r");
		$content = fread($newfile, filesize($file));
		
		//Separo los email
		$linesall = explode("\n",$contentall);
		$lines = explode("\n",$content);
		
	
		//Checkeo en el archivo por una direccion de email existente
		foreach ($lines as $l) {
			foreach ($linesall as $la) {
				if( ($l != $email) && ($la != $email) ) {
					$out .= $l;
				}
				else {
					$found=1;
	        	}
        	}
		}
		//Cierro el archivo
		fclose($newfile);
		fclose($all);
		
		//Hago algunas comprobaciones...
		if ($found==1 || $email=="" || !checkmail($email) || preg_match("/".$config['domain']."/",$email)){
			if($email == "") {
				printf("$messages[blanke]");
			}
			elseif($found == 1) {
				printf("$messages[exist]");
			}
			elseif(!checkmail($email)) {
				printf("$messages[notvalid]");
			}
			elseif(preg_match("/".$config['domain']."/",$email)) {
				print("$messages[yourown]");
			}
		}
		else {
			$allf = "newsletter/lists/contactos_all.csv";
			$newfile = fopen($file,"a+");
			$all = fopen($allf,"a+");
			$add = "\n".$email;
			fwrite($newfile, $add);
			fwrite($all, $add);
			fclose($newfile);
			fclose($all);

			// Cabeceras adicionales
			$cabeceras = "";
			$cabeceras .= "From: ".$config['from']. "\r\n";
			$cabeceras .= "Reply-To: info@cet-utn.com.ar\n";
			$cabeceras .= "Date: ".$mail['fecha']."\r\n";
			$cabeceras .= "X-Priority: 1\n";
			$cabeceras .= "Importance: High\n";
			$cabeceras .= "X-MSMail-Priority: High\n";
			$cabeceras .= "X-Mailer: PHP/".phpversion()."\r\n";
			$cabeceras .= "MIME-Version: 1.0\r\n";
			$cabeceras .= "Content-type: text/html; charset=iso-8859-1\r\n";


			$mail['mensaje'] = wordwrap($mail['mensaje'], 70);


			//Envio un mail de confirmación de subscripción
			if(mail($email, $mail['asunto'], $mail['mensaje'], $cabeceras )) {
				printf("$subscribe[ok]");
			}
			else {
				printf("<p style=\"text-align: center; font-weight: bold; font-size: 15px; color: red;\">A ocurrido un error por favor contactese a <a href=\"mailto:info@cet-utn.com.ar\">info@cet-utn.com.ar</a></p>");
			}
		}
	}
}
elseif ($action == "remove") {
	$email = $_GET['email'];
	$email = trim($email);
	$email = strtolower($email);

	//Abro el directorio de contactos
	$listdir = "newsletter/lists";
	$lists = array();
	$lists_dir = opendir($listdir);
	while (false !== ($files = readdir($lists_dir))) {
		//Omito los directorios . y ..
		if ( $files != "." && $files != ".." ) {
			$lists[ ] = $files;
		}
	}
	//Acomodo las listas por orden alfabetico
	sort( $lists );
	$xlists = array_values( $lists );
	
	//Esto devería permitir buscar en todos los archivos
	//dde contactos para borrarlo de todos lados
	foreach ($xlists as $xlist) {
		
		//Indico que el archivo devería estar en
		// newsletter/lists/contactos_carrera...
		$file = $listdir."/".$xlist;
		$newfile = fopen($file,"r");
		$content = fread($newfile, filesize($file));
		$out = "";
		
		//Separo los email
		$lines = explode("\n",$content);

				//Checkeo en el archivo por una direccion de email existente
		foreach($lines as $l){
			if( $l == "Dirección de correo electrónico" ) {
				$out .= $l;
			}
			elseif( $l != $email ) {
				$out .= "\n".$l;
			}
			else {
				$found = 1;
       		}
		}

		//Cierro el archivo
		fclose($newfile);

		if ($found == 1){
			$newfile = fopen($file,"w+");
			fwrite($newfile, $out);
			fclose($newfile);
		}
	}
	if ($found == 1){
		printf("$unsubscribe[ok]");
	}
	if ($found != 1){
		printf("$unsubscribe[failed]");
	}
	closedir($lists_dir);
}
?>
    <span style="display: block; font-size: 10px; padding-top: 10px; padding-bottom: 10px; text-align: center; color: #cfcfcf">Designed by Shark Software Inc.</span>
   </div>
<!--/Contenido-->
<?php
include("includes/menu.inc");
include("includes/footer.inc");

?>

 

[MicrotechXP]

Are you sure its not spam?

 

[dest581]

Unless 87.249.15.103 is an x10 IP address, the address itself was faked, and the form is safe. Unless I read the email you got wrong.

 

[Livewire]

I doubt he read it wrong; I received one of those a few months ago with similar information, but a different website.

The irony is I don't recall ever being able to send emails from a freewebs account, so I somehow doubt I actually was sending spam


I'd just ignore it until you get a bunch more. Worked for me, and I still haven't gotten my second

 

[dest581]

My point was that the IP address listed wasn't an x10 address.

 

[Livewire]

My point was that the IP address listed wasn't an x10 address.

Mine was I got one almost identical, and I know I wasn't sending stuff from my website since it wasn't possible. Good point on the IP though, can't see how I spaced right over that the first time through >_<

Now I'm REALLY all but 100% sure it's nothing to worry about XD

 

[Micro]

Yeh, its someone sending email to you from outside X10... One clue is the Subject: RE: MensHealth! - 1102185
bit...

Me thinks thats spam . I.e. UBE
Edit:
WHOA, hang on. >>> RE <<< Is that form on your website password protected at all? Just checking

Most likely someone forged the outgoing email address and so it's being backscattered to you, just ignore it as that IP address is not one of X10's as far as i know.

 

[cetutnx1]

No, the form isn't password protected since it's a subscription from to a newsletter...

But since you think that this email i got is spam, i'm going to live it there, thanks everybody for your help.

Gonzalo.