Spoofing: What, if anything, can be done?

Hey there,

As many of you know, I own a domain name. As of late, someone has decided to spoof a return address for their mass-mail / spam from my domain name. It’s a single name, and… Well, I’m wondering if there’s anything I can do about it? At the moment, I’m getting upwards of 500 emails a day (luckily, directly into the ‘delete’ box) that say, “Hey, we can’t deliver your spam, thanks.” They’re not sending from my server; they’ve just taken a name that -would- be from my domain, and sending it out. Anyone know if there’s a way to stop this from continuing? The last thing I want is for people to think somehow I gave an email addy off my domain to a spammer.

No. You’re screwed.

I’d like to be able to improve on what jjimm says, but he’s exactly right. If there were a way to help you, spam itself would not exist.

The same thing is happening to me. It stinks, doesn’t it?

As near as I can tell, jjimm is pretty much right. We’re screwed. When I contacted my hosting service, I was given this link. You may be interested in reading what they had to say.

After about ten days my spam bounces are finally slowing down. I hope the same happens for you soon.

I have a personal domain name and also a domain I have registered for a local non-profit organization. I have the same problem with both domain names. Just to confirm what everyone else has said, there’s not much you can do.

However: check with your hosting company or in your e-mail settings to see if you can send to the bit bucket any e-mails that go to a “non-registered” e-mail address. e.g. on my site x.org I have defined e-mail addresses
name1@x.org
name2@x.org
name3@x.org

But most of the spam has “from” addresses like this:
xasdfasd@x.org
awerjwekl@x.org
gwhc@x.org

In the “e-mail manager” page at my host site, there is an option that says:
This is how e-mail not handled by any other Mailbox or Recipe will delivered. : (choose action)
and one of the options is “Discard e-mail”

If most of the “from” addresses are “fake”, that might help you get rid of some of the reply messages you get saying, for example, “I am out of the office today” or “This message was undeliverable”

Hold on a second, I see that your e-mails are already going directly to the delete box. Your next best option is to track down the spammer and convince him to cease this obnoxious practice, persuading him with convincing moral arguments that his behaviour is wrong and should be stopped immediately.
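The catch-all rule described in the post above, as an added Python example (not code from the thread or from any hosting provider): mail addressed to a local part that was never defined is discarded, while bounces and auto-replies that reach a real mailbox are set aside for review. The headers consulted for the recipient, the `review` label and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Mailboxes that really exist on the domain (the three named in the post).
DEFINED = {"name1@x.org", "name2@x.org", "name3@x.org"}

def recipient(msg):
    """Address the message was sent to; delivery headers are preferred over To."""
    for header in ("X-Original-To", "Delivered-To", "To"):
        addr = parseaddr(msg.get(header, ""))[1].lower()
        if addr:
            return addr
    return ""

def is_automated(msg):
    """True for bounces (null return path, DSN report) and auto-replies (RFC 3834)."""
    if msg.get("Return-Path", "").strip() == "<>":
        return True
    if msg.get_content_type() == "multipart/report":
        return True
    return msg.get("Auto-Submitted", "no").strip().lower() != "no"

def route(raw):
    """Return 'discard', 'review' or 'deliver' for one raw message."""
    msg = message_from_string(raw)
    if recipient(msg) not in DEFINED:
        return "discard"  # the host's catch-all "Discard e-mail" action
    return "review" if is_automated(msg) else "deliver"

# Constructed sample messages (not real traffic).
BOUNCE_TO_FAKE = (
    "Return-Path: <>\nTo: xasdfasd@x.org\n"
    "Subject: Undelivered Mail Returned to Sender\n"
    'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
    "\n--b1\nContent-Type: text/plain\n\nUser unknown\n--b1--\n"
)
AUTOREPLY_TO_FAKE = (
    "Return-Path: <someone@example.net>\nTo: gwhc@x.org\n"
    "Auto-Submitted: auto-replied\nSubject: Out of office\n"
    "\nI am out of the office today\n"
)
BOUNCE_TO_REAL = "Return-Path: <>\nTo: name1@x.org\nSubject: Undeliverable\n\nbody\n"
NORMAL = "From: friend@example.net\nTo: Name One <name1@x.org>\nSubject: hi\n\nhello\n"

if __name__ == "__main__":
    for raw in (BOUNCE_TO_FAKE, AUTOREPLY_TO_FAKE, BOUNCE_TO_REAL, NORMAL):
        print(route(raw))
```

Bounces that name a real mailbox are kept for review rather than dropped, since they may be genuine delivery failures for mail that mailbox actually sent.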

I had that happen for one of my domain names. I created an email box for the fake user name and gave about 2k of space. The first email that came in filled it up.

No more bothersome mail

I refer my right honorable friend to the answer I gave earlier in the thread. :stuck_out_tongue:

Learning the technical details of how email works is on my list of things I really must do. Unfortunately, it’s a very very long list. So excuse my ignorance. If you can spoof the return address, why would you spoof a real domain? I know spammers are complete arseholes, but I think it improbable that they’d use a real domain just to give **Arrmatey** the shits (although you never know). What advantage does it give the spammer to use a real domain as the spoof return address?

AFAIK some spam filters check for the domain of the return address existing (or a MX record for that domain existing).

Unfortunately, the spam-in-question (I’ve now actually read some of it) is all of the nature of, “Hey! I know we just met! Invest in this stock!”. No links, no HTML of any sort, so there’s nothing (apparently) for me to trace back… Or is there? Anyone more knowledgeable than me have any ideas on how I can at least find the culprit on this one?

In my case, they spoof an email address that I no longer actively use (although I monitor it sometimes). I have arranged it so that most mail from mail handlers to that address gets deleted. But some have odd names and slip through. One threatened to send my address to some blacklist site. Can they really do that? Could I sue? I don’t care since I never use it to send mail anyway, but I am curious.