[selowitch]

Somebody has been sending out spam e-mail from our domain using non-existent usernames with our domain name. Are there any ways (short of adding something expensive like SenderID) to counter this? It's very irritating and could turn into something more damaging.

[Chuckit]

It depends on what you mean by "counter this." As you probably know, it's impossible to stop somebody from saying an e-mail comes from any address they like, fictional or not. Otherwise Paypal would have done it a long time ago.

[meelk]

Originally Posted by selowitch

Somebody has been sending out spam e-mail from our domain using non-existent usernames with our domain name. Are there any ways (short of adding something expensive like SenderID) to counter this? It's very irritating and could turn into something more damaging.

welcome to life? seriously this has been happening to me for years randomly. it happens to everyone as far as i know.

[selowitch]

Well, what would you do? They're sending stuff out that appears to be from us and it includes attachments that could contain viruses. Can I identify the perps and have them thrown in jail where they belong?

[selowitch]

Originally Posted by meelk

welcome to life? seriously this has been happening to me for years randomly. it happens to everyone as far as i know.

Well, the difference in this case is that I know about it, because the spurious messages keep coming back to me. If I wasn't so aware of it, it would probably bother me less.

[stevesnj]

Originally Posted by selowitch

Somebody has been sending out spam e-mail from our domain using non-existent usernames with our domain name. Are there any ways (short of adding something expensive like SenderID) to counter this? It's very irritating and could turn into something more damaging.

I have my own domain and mail server in my closet and I clicked allow server to be used as relay....before I knew it I had almost 1000 spam e-mails sent from my domain using different users and my domain. Needless to say my domain was put on a blacklist as a spammer which I shouldnt be on. How do you serve your e-mail? Is it configured by the webhost or you? I would contact the host immediately and tell them the issue. Most likely your on a blacklist which I found out is almost impossible to get off. Well my SMTP server domain is blacklisted. Not good

[selowitch]

It's a webhost domain that also offers e-mail (pointinspace.com). I've already e-mailed by sysadmin.

[tooki]

Originally Posted by stevesnj

I have my own domain and mail server in my closet and I clicked allow server to be used as relay....before I knew it I had almost 1000 spam e-mails sent from my domain using different users and my domain. Needless to say my domain was put on a blacklist as a spammer which I shouldnt be on. How do you serve your e-mail? Is it configured by the webhost or you? I would contact the host immediately and tell them the issue. Most likely your on a blacklist which I found out is almost impossible to get off. Well my SMTP server domain is blacklisted. Not good

Well no offense, but you deserved to be blacklisted, because it's exactly this type of casual attitude towards relaying that helped spam catch on to begin with.

tooki

[ghporter]

Originally Posted by selowitch

It's a webhost domain that also offers e-mail (pointinspace.com). I've already e-mailed by sysadmin.

That's about the best thing you can do. Most of the time, you find out that it's somebody spoofing a real user and you get a huge number of bounced "unknown user" or "mailbox over quota" messages because the spammer doesn't care how many misses he gets, as long as he gets some hits.

[besson3c]

Chances are a mindless script is generating the email messages, and not a person. Anymore, it's virtually impossible to track down the source of spam, unless you are willing to devote a lot of time to it.

I think that a lot of spam would be cut down if mail relays required authentication. It also makes for easier portability, and convenience when you take your laptop off of your ISP's LAN.

[Diggory Laycock]

Sender-ID is no good - use SPF instead - it's free and open and unencumbered by patents.

It's not guaranteed to prevent spoofing - but SMTP servers that do use it will not pass on spoofed mail.

If you have control of your DNS add an SPF record to your DNS records.

If you don't have control of your DNS - email your host and ask them if they'll support SPF or add the record.

http://spf.pobox.com/

http://spf.pobox.com/wizard.html

[besson3c]

Greylisting is also a *very* effective anti-spam technique. I use Postgrey on my server.

[turtle777]

Originally Posted by selowitch

Can I identify the perps and have them thrown in jail where they belong?

Sure, just fill out the form and that's it. Never ever you will be spammed or your domain name abused again.

www.throwthatfarkinspammerinjail.com/form

-t

[Scifience]

Originally Posted by turtle777

Sure, just fill out the form and that's it. Never ever you will be spammed or your domain name abused again.

www.throwthatfarkinspammerinjail.com/form

-t

It says server down

[turtle777]

Originally Posted by Scifience

It says server down

Hope you are kiddin'

It was A JOKE ! Duh !

-t

[Scifience]

Originally Posted by turtle777

Hope you are kiddin'

It was A JOKE ! Duh !

-t

Yes, I most certainly was kidding.

I administer a few dozen servers on multiple DS-3s, so I know a thing or two about this stuff.

[turtle777]

Originally Posted by Scifience

Yes, I most certainly was kidding.
I administer a few dozen servers on multiple DS-3s, so I know a thing or two about this stuff.

Good for you

-t

[meelk]

Originally Posted by selowitch

Well, the difference in this case is that I know about it, because the spurious messages keep coming back to me. If I wasn't so aware of it, it would probably bother me less.

how do you think I know about it? I get return email as well. get over it.

[stevesnj]

Originally Posted by tooki

Well no offense, but you deserved to be blacklisted, because it's exactly this type of casual attitude towards relaying that helped spam catch on to begin with.

tooki

It was an accident...I never would intentionally relay my server....and yes i am offended...jk