SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Zealot Jeff Hester's Avatar
    Join Date
    May 2002
    Location
    Sunny Southern California
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Problem with spam and spoofed email addresses

    I'm not sure if this is the correct forum--Moderators, please move if appropriate.

    I have a vexing problem with someone sending spam with fake "from" email addresses supposedly at my domain (i.e. "ehdacywjkg@bigblueball.com"). We have a mailserver, but we do not provide an open SMTP service, and checking the logs it's clear that they aren't actually being sent from our server. But my catch-all account is getting the hundreds of bounces that their spam is producing.

    I'm concerned that this action might lead to my domain being blacklisted and the domain reputation tarnished by this spam.

    Is this a real concern? Is there anything I can do about it? How do I know if my domain does end up blacklisted by an ISP? Is there any way to fight back against this insidious abuse?
    Jeff Hester
    BigBlueBall | My latest project: SoCal Hiker

  2. #2
    SitePoint Wizard HarryR's Avatar
    Join Date
    Dec 2004
    Location
    London, UK
    Posts
    1,376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,
    Theres really not much you can do if their just spoofing the 'From:' header in the email, and not acually going through your SMTP server. And because your SMTP server isn't acting as an open relay for this spam it's highly doubtful that you would get added to a global RBL (company admins blocking your domain on an incident basis may be a completely different story).

    I suggest you tackle the problem at source: lookup the originating SMTP server and apply for an open-relay test for that server at one of the many RBL (e.g. http://www.spamcop.net/bl.shtml , http://www.dnsbl.nl.sorbs.net/ or the many listed at http://rbls.org/ ). If the originating SMTP server does get blacklisted, you may continue getting bounced messages, so the only next step I can assume is directly contacting the netblock owner of the originating SMTP server and filing an abuse report.

    Regards,
    Harry

  3. #3
    SitePoint Enthusiast
    Join Date
    Mar 2005
    Posts
    93
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Guys,

    I have a similar problem if you care to look:
    http://www.sitepoint.com/forums/show....php?p=1856302

    Cheers,
    Paul.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •