Spammer spoofing my domain address (help)

I’ve had a spammer spoof my domain email address many times over the last year or so. In the last 2 hours I’ve had a flood of messages from Mail Delivery Subsystem notifying me of undeliverable mail. I can barely keep up with them.

Not to mention some of the pissed off recipients emailing me back to inform me that I am lower than scum…this really pisses me off because the spammers are using my business email and it is giving my business and domain a bad name. My God I don’t even know what Viagra looks like yet apparently I am a mass marketer of it.

I’m not going to stand by and let this happen without putting up a fight. Unfortunately I do not have a clue how to fight back.

Could any of you point me to information on how to track down these bastards? I realize that I can never win this battle but there have got to be some options here. Are there any actions I can take?

Thanks.

Hiya SkyBum

Others will be more qualified than I, but to stop the mass of returned messages, get your domain host admin people to set up a filter, so any message with a certain phrase gets deleted.

This will allow your legit mail to come thru, and not make you wade thru heaps of trash.

abby

Thanks abby.

My ISP utilizes Spam Assassin for an email filter and I have had GREAT results in filtering out spam at the mail server level. What I am more interested in, however, is not finding a way to ignore whoever is spoofing my address, but to find a way to fight back. If that means learning how to trace the real sender through IP logs and such, then I will.

If any of you can provide links to sites that would teach me more about this subject, or if you have personal anecdotes, I would appreciate hearing of them.

Well… you could ask this guy what he did.

You might try using the tools at Sam Spade. I’m afraid you ARE going to have to exert some mental effort to dig out the spammer.

{edited to fix link. Lynn}

Thanks a lot! I feel better already. I have nearly 200 bounced back notifications from the last 2 days and now I can start digging to see if I can identify this person. Who knows, maybe I can get his/her ISP account canceled and cause them the trouble of having to set up yet another.

Thanks for the links.

I found an interesting webtool the other day at DnsStuff.com.

All these tools on one simple page:

DNS Report - Finds lots of common DNS problems.
DNS Timing - See how long your DNS servers take to respond
WHOIS Lookup - Lists contact info for a domain/IP (about 150 TLDs!).
Abuse Lookup - Finds abuse contact for a domain from abuse.net.
WHOIS Search - True WHOIS search, using www.whois.sc.
URL deobfuscator - De-obfuscates confusing URLs.
Free E-mail Lookup - Is an E-mail address a known free one?
Spam database lookup - See if a mail server is listed in 150+ spam databases.
Reverse DNS lookup - See if your IP has a reverse DNS entry.
IPWHOIS Lookup - Lists contact info for an IP (or domain).
NetGeo IP Lookup - Shows geographical location of an IP (or domain).
IP Routing Lookup - Shows IP routing info, from RADB.
CIDR/Netmask Lookup - Calculates CIDR ranges (e.g. 192.168.112.0/24).
DNS lookup - Look up a DNS record (A, MX, NS, SOA, etc.)
Ping - Shows how long it takes for packets to reach a host.
Tracert - Traces the route packets take to this host.
ISP cached DNS lookup - Check cached DNS at major ISPs.
Decimal IPs - Decimal IPs

Quite an amazing resource. All of the above services have a text field where you can enter your search term.
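
The IPWHOIS, reverse DNS and abuse lookups listed above all start from an IP address, and for the bounce flood described in this thread that address has to be dug out of the returned messages. The following is an added example, not code from any poster: it assumes each bounce carries the original message (or its headers) as a `message/rfc822` or `text/rfc822-headers` part, and that only the top-most `Received` line, written by the server that produced the bounce, can be trusted, since lower lines may be forged. The function names and the sample bounce are constructed for illustration.

```python
import email
import ipaddress
import re
from collections import Counter
from email import policy
# Constructed sample bounce; hosts and IPs are placeholders (RFC 5737 ranges).
SAMPLE_BOUNCE = """\
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; boundary="b1"

--b1
Content-Type: text/plain

User unknown.
--b1
Content-Type: message/rfc822

Received: from mail.mydomain.example (unknown [203.0.113.45])
  by mx.recipient.example with SMTP; Mon, 1 Jan 2024 10:00:00 +0000
Received: from mydomain.example ([192.0.2.99]) by mail.mydomain.example
From: me@mydomain.example

body
--b1--
"""
BRACKETED = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def original_message(bounce_text):
    """Return the returned spam (or just its headers) from a bounce, else None."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def handoff_ip(bounce_text):
    """IP the bouncing server logged for whoever handed it the spam."""
    inner = original_message(bounce_text)
    received = inner.get_all("Received", []) if inner is not None else []
    m = BRACKETED.search(str(received[0])) if received else None
    try:
        return str(ipaddress.ip_address(m.group(1))) if m else None
    except ValueError:  # bracketed text that is not a real address
        return None

def tally(bounces):
    """Count hand-off IPs across many bounces; repeats show the common sources."""
    return Counter(ip for ip in map(handoff_ip, bounces) if ip)
```

Running `tally` over a few hundred saved bounces shows whether the mail comes from a handful of hosts or from many scattered ones, and each address can then be put through the WHOIS and abuse-contact lookups.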