Printer Friendly Version
Email this thread to a friend
|
Featured Web Site Template |
|
Reflects user activity within the last 5 minutes
|
|
| Member |
Message |
Curt
Joined: Eons Ago
# Posts: 3747
|
Posted: 2007-Dec-27 11:33
Does anyone have good ideas of how to stop a spammer from using your email address as the sender for spam? (known as spoofing email addresses)
I've recently had a few of my domains targeted for use as spoofed addresses for spammers. Some of these email addresses they are using in connection to my domains do not even exist, but it causes extra server resources to handle bounced messages coming from other recieving servers where the recipient address does not exist. Then my server replies back that the address doesn't exist on my end and sends a reply back to that non-existant addy and of course that generates another bounce.
Has anyone found an effective simple solution to this problem that plagues web site owners?
|
 |
Dinkar
Staff
Joined: Aug 12, 2001
# Posts: 4391
|
Posted: 2007-Dec-27 12:31
If my email address is dinkar@examplesomedomain.com then I use this:
dinkar {AT} somedomain {DOT} com
[ Message was edited by: JimBot 12/27/2007 03:08 pm ... Reason: De-linked example email address. ]
|
|
Dinkar
Staff
Joined: Aug 12, 2001
# Posts: 4391
|
Posted: 2007-Dec-27 12:34
I think I mis-read your post. Sorry 
|
|
Curt
Joined: Eons Ago
# Posts: 3747
|
Posted: 2007-Dec-27 19:37
Thanks for the reply.
Yep, yah misread my post 
The problem is someone is randomly selecting some address (for example: some.made.up.addy @ one-of-my-domains.com) and making it look like the sender of the spam with spoofed addy. Spammers can make up any email addy with your domain name and use it as they please. So far, I don't have any good and simple methods to stop that crap from happening. They of course can use your own real address if they can somehow find out what that is. However, I've made that option nearly impossible to do with my method of anti-spam fighting technics (note I get literally between 5-10 spams a year, all without the use of anti-spam filter software from vendors).
The spammer creates a fake email address with my domains or uses one of my autoresponder addys which do not forward email or spam back to me. In fact everyone here can fall victim to this practice if you have a domain that is visible (most everyone here owns a domain name). If you haven't notice this yourself, thank your lucky chickens especially if you run your own mail server.
BTW, you might want to unlink that addy you posted
|
|
g1smd
Staff
Joined: Jul 28, 2002
# Posts: 10465
|
Posted: 2007-Dec-27 23:10
Some of those emails are from virsues controlled via a botnet.
[ Message was edited by: g1smd 12/29/2007 11:04 am ]
|
|
Curt
Joined: Eons Ago
# Posts: 3747
|
Posted: 2007-Dec-29 06:29
g1smd, I'm not talking about spammers grabbing my email addresses from other people's address books. These spammers are generating a fake email address out of my domain. Say for example I have domain “somedomaintobespoofed.com”. Spammer sets “123contact @ somedomaintobespoofed.com” as the sender only I do not have that address in operation nor have I ever used it. Do you see the delema? They are creating addresses with my domains that do not exist to use as spoofed sender addresses.
They don't even need a spambot to gather addresses. Spammers just make them up. However, my server is forced to handle all the bounced messages and then the messages bounce from my server too because that sender address is non-existent. A bouncing war ensues until a server stops after a predetermined number of bounces have happened. And that's where the real problem is.
...now, how to stop this crap... hmmm...
|
|
Quadrille
Joined: Nov 15, 2000
# Posts: 1064
|
Posted: 2007-Dec-29 10:58
I don't think there's any way to stop it (though be sure to set them up to delete all incoming mail).
Anything you do will simply draw attention to the addy - and thus make it more valuable for the spammers.
They tend to move on after a while.
|
|
g1smd
Staff
Joined: Jul 28, 2002
# Posts: 10465
|
Posted: 2007-Dec-29 19:05
I said nothing about how they got your email address, only where the spam you are getting is coming from.
|
|
Curt
Joined: Eons Ago
# Posts: 3747
|
Posted: 2007-Dec-31 03:10
Quadrille said:
Anything you do will simply draw attention to the addy - and thus make it more valuable for the spammers.
Quadrille, you'd think so, but I've been having this crap going on for more than 2 months at least. It may have been going on for quite a bit longer than that too—just took me some time to get wise to it.
How would it be valuable? They are using addresses as the sender that do not exist for the sole purpose of sending spam and unfortunately it's tied to my domains causing my server to deal with all the 1000's of bounces each day. It's not right.
MAN, I'D LIKE TO POUND ON THESE IDIOTS WITH A BAT!
g1smd said:
I said nothing about how they got your email address, only where the spam you are getting is coming from.
My mistake—thought that's what you were talking about from the mistaken inference I gathered. You are right and thanks.
|
|
Curt
Joined: Eons Ago
# Posts: 3747
|
Posted: 2007-Dec-31 03:18
Another thing, if it is happening to me, then it can happen to anyone. What will you do when your server is suddenly inundated with 1000's or even 10,000's of bounces per day perhaps causing your other legit traffic to get “server too busy” messages at peak times. This is another form of DoS attacks tied to spam. See the problem?
|
|
Quadrille
Joined: Nov 15, 2000
# Posts: 1064
|
Posted: 2007-Dec-31 09:56
I see the problem - but it's one you have to manage, as you cannot 'cure' it. Your host may be able to help - else set up some 'rules' to divert the bounces.
If the addy is your domain, be sure you have no set up for "anything name you like"@domain.com - only set up email addresses you actually use - that way, all other email and bounces are simply binned.
The reason I warn against grabbing the baseball bat is simply that it's almost certainly not in your country, and therefore you will not win - and these spammers act randomly and as the mood takes them; sooner or later they'll move on.
But if you make a (futile) fuss, they'll continue to use yours (a) to spite you and (b) because if you have demonstrated that you exist, it's easier for them to pretend to be you (ie a real person, not a bot).
The downside, of course, is that the addy will get branded as spam and be useless either way.
That's why it's essential to only set up the ones you use, that way you can change to a new one at the same domain.
eg I went from quadrille1 to quadrille2 .... I'm currently on 5, but still use 3 when writing to spammers, and on usenet.
If you allow "any name"@domain.com, then soon the whole domain becomes useless.
|
|
You are not permitted to post messages in this forum or topic, because of one or more of the following reasons:
- You have not yet logged in, or registered properly as a member
- You are a member, but no longer have posting rights.
- This is a private forum, for which you do not have permissions.
If you are a recent member, it's possible that you simply have not yet confirmed your account. Please
check your email for a message entitled 'JimWorld Forums: Confirm Your Account' and follow the instructions
contained within.
If you cannot find this message, click here to Re-Send it.
|
If you are still experiencing problem, please read the
Login Assistance
Article for some advice on what may be causing your login not to work properly.
|
Switch to Advanced Editor and ...
Create a New Topic
or Reply to this Thread
|
|
Inbox
