SitePoint Sponsor

User Tag List

Results 1 to 12 of 12

Thread: email abuse

  1. #1
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Unhappy email abuse

    I've recently been the victim of forged email headers. Spammers are inreasing forging headers of email to get their email out and in some cases to harm the good name of the address used in the forgery.

    For the most part it's really annoying and can be simply ruled out by the keen acuser. Often it takes an explaination email to those who don't throughly investigate the headers and hence send angry emails to the victim address.

    Unfortunately it gets worse. Just a couple days ago some unknown person is sending what seems to be an email bomb of random subject and from fields.

    Does anyone have any experence in dealing with email bombs?

  2. #2
    SitePoint Guru biggazillakilla's Avatar
    Join Date
    Aug 2003
    Location
    San Francisco USA
    Posts
    982
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If they're from the same address, just set up a filter to block that address. You can do this in Outlook or on your server, if your web host has filters installed.

  3. #3
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The from address is a random 'spoof' of various emails from popular domain names.

  4. #4
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm more worried about my mail server being overloaded and bouncing real emails from legitimate people. If I filter it out in Outlook the high load will still be there.

  5. #5
    SitePoint Guru biggazillakilla's Avatar
    Join Date
    Aug 2003
    Location
    San Francisco USA
    Posts
    982
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So all the info is spoofed, and the other stuff is random, yet you somehow know it's from the same source?

    Can spam filters get rid of it? My webhost has pretty good spam filters, and I'm down from 300-500/day to low double-digits/day.

    If it really is some pernicious and persistent attacker, s/he'll just go away after some time, I think.

  6. #6
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yeah. All the info seems to be spoofed. The reason I can tell it is from the same source is because the random subjects repeat every 50 or so. Also the messages are usually empty or contain some random strings or random (non virus) attachments.

    As far as going away. I've been hoping on that for the last couple days.

  7. #7
    SitePoint Guru biggazillakilla's Avatar
    Join Date
    Aug 2003
    Location
    San Francisco USA
    Posts
    982
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually, I've been getting some bizarre emails lately, too, but I just assumed they were virus/worm-related.

    Are any of them like this by any chance?

    <p>Th</trw>e ul</parke>timate d</handclasp>igital

  8. #8
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I wish it was just a virus. The characteristics of the email don't follow that of a virus. Plus it seems to be sent through my backup mail server only. (like it is being specifically targeted)

  9. #9
    SitePoint Guru wild boar's Avatar
    Join Date
    Aug 2003
    Location
    illinois
    Posts
    793
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was a victim of forged email headers. I don't think they were actually forged, they somehow sent mail from my server?

    Anyways, to make a long story short, aol blocked my mail server and I had to switch all of my accounts to another host because the server wouldn't switch my account to another one of their servers.

  10. #10
    SitePoint Enthusiast gostats's Avatar
    Join Date
    Oct 2003
    Posts
    52
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    My mail server is outsourced to a popular email service provider. I assume that they don't have any holes in their service. I know that the email isn't comming from any of my web servers since I don't have any services running sendmail/etc.

  11. #11
    ********* Addict jaiem's Avatar
    Join Date
    Dec 2000
    Location
    New York, USA
    Posts
    1,006
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are they really forging the whole header? Or just the FROM address?

    If the former, that would seem to me to be very difficult. But if the latter, well anyone can put anyone else's email address in the FROM part. A quick look at the headers will prove it did or did not come from the same domain.

    But yes, I agree. It's very much a problem. I suspect legal cases will be brought over claims of spam due to forged/pirated email address in spams.
    Ocean View Host - Affordable web hosting plans for any business.
    Modern Technology, Old Fashioned Value & Service!
    U.S. Merchant Services - Reliable merchant account services for all business!
    Quality People Providing A Quality Service!

  12. #12
    SitePoint Guru wild boar's Avatar
    Join Date
    Aug 2003
    Location
    illinois
    Posts
    793
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't remember off hand, but I do know they were sending it from my mail server, and got banned from aol


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •