Some nasty person is forging my domain when sending out spam. Due to the sheer volume of bounce messages, I’ve had to set some lesser-used incoming email addresses to :fail:
Unfortunately, there’s little I can do: the email never came from a machine under my control - it’s trivially easy to fake a ‘from’ address. Also, the forged address varies dramatically, so I can’t just block that - and there doesn’t seem to be anything standard in the bounce messages that I can kill.
If you’re at this site as you’ve received said spam, my apologies - it wasn’t me. Honest. While you’re here, please feel free to have a look around.
Please examine the headers closely and get their real account canned!
I don’t see the full headers often, as often they are cut from the bounce messages, and most of the time it’s all I can do simply to separate these bounces from the real email I’m getting.
2 Comments
I had the same problem a few months back; I was getting hundreds a day bouncing back.
A few days ago I started receiving spam from my own domain which some numpty has forged, with different bits before the @ part of the email address, luckily my spam filter gets those.
(Edit: I hate that there is nothing I can do. An easy solution would be if there were an email header with an admin configurable string in there. It would always be quoted in a bounce message, it wouldn’t stop the spam being sent, but it would allow admins to recognise a real bounce from a faked bounce - and if it ever got forged it’s a 2 second job to change. Part of the difficulty is that I’ve been using different email addresses for different signups, and haven’t got a note of them all, relying on the ‘catchall’. Ho hum! - Murk)
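The tagged-header idea from the edit above, sketched as an added example (not code from the post or its commenters): outgoing mail is stamped with a site token, and a bounce is sorted by whether the message it quotes carries that token. The header name `X-Origin-Token`, the token value and the sample bounces are all assumptions made up for the demonstration; bounces that quote no headers at all come back as `unknown`.

```python
import email
from email import policy
from email.message import EmailMessage

TOKEN_HEADER = "X-Origin-Token"   # assumed header name, not a standard
TOKEN = "rotate-me-2f9c"          # constructed admin-configurable string

def stamp(msg):
    """Tag an outgoing message with the site's current token."""
    del msg[TOKEN_HEADER]          # no-op if absent; avoids duplicates
    msg[TOKEN_HEADER] = TOKEN
    return msg

def classify_bounce(raw):
    """Return 'genuine', 'forged' or 'unknown' for a raw bounce (bytes)."""
    bounce = email.message_from_bytes(raw, policy=policy.default)
    saw_original = False
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822" and part.is_multipart():
            original = part.get_payload(0)       # full returned message
        elif ctype == "text/rfc822-headers":
            original = email.message_from_string(
                part.get_content(), policy=policy.default)  # headers only
        else:
            continue
        saw_original = True
        if any(str(v).strip() == TOKEN
               for v in original.get_all(TOKEN_HEADER, [])):
            return "genuine"
    # Headers quoted but no valid token: backscatter from forged mail.
    # Nothing quoted at all: the bounce cut the headers, so no verdict.
    return "forged" if saw_original else "unknown"

def make_bounce(original=None, headers_only=False):
    """Build a constructed bounce (sample input, not real traffic)."""
    b = EmailMessage()
    b["From"] = "MAILER-DAEMON@mx.example.net"
    b["To"] = "signup-1234@example.org"
    b["Subject"] = "Undelivered Mail Returned to Sender"
    b.set_content("Delivery to the following recipient failed.")
    if original is not None and headers_only:
        hdrs = "".join(f"{k}: {v}\n" for k, v in original.items())
        b.add_attachment(hdrs, subtype="rfc822-headers")
    elif original is not None:
        b.add_attachment(original)
    return b.as_bytes()
```
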
I had to turn off my nobody accounts because of it, anything sent to an address that didn’t exist used to get to me, now they just get a server provided bounce.
Two domains, both have been spoofed for over 2 years, the amount of spam is horrible. Ah well. At some point spoofing will become a lot harder, but only when they agree a standard secure SMTP method.
(Edit: I’ve done a similar thing. The trouble is that I’ve been handing out random nobody addresses for a while now (the thinking being to be able to tell who gave addresses to spammers) - if anyone uses them, then they get an automatic reply now. The weak point is mailing lists and password reminders, but if I need to I can reinstate all nobody addresses for the duration of password reminders, and I think I’ve got all mailing lists covered - Murk)