Twice this past month I’ve got online in the morning to check my email and found hundreds of returned mail sitting in my inbox. What these are is that some clown (for lack of nastier names) has sent out a blast email where they put all types of variations before @webuildpages.com… for example [email protected] or [email protected] etc etc, and so when they send their spam, the return email is something @ webuildpages.com.
I’m sure this must happed to lots of people besides me (I’m guessing I’m a random hit, not a “I hate Jim” hit).
I’m sure webuildpages is now on several spam lists, I’m sure I’ve pissed a bunch of people off who think I’m the one sending theses (and hurting the image of webuildpages.com).
I know one email spam filter that we’re listed on, and unfortunately many IPS’s and hosts use that filter….and when I’ve looked into how to get my emailed delisted from their spam list I was suprised they the people who make this list totally assume you’re guilty and they make you jump through so many hoops to try to claim your innocence that it appeared that it would take a lot of time and work to try to get off the spam list.
What can be done?
24 Responses
I had the same thing happen to me. I’ve to come up with a better solution than turning the catch-all off. I’d be very interested if anyone has any action that can be taken.
You can’t do anything to keep this from happening. It is called Phishing (http://en.wikipedia.org/wiki/Phishing) where your email address/domain is spoofed.
For example: I can send an email as Bill Gates [email protected] by a few quick changes to my email settings and I obviously don’t have access to his email or servers.
It is a fundamental flaw in the way email was designed to work in my opinion… The best thing to do is just help educate people. I am sure that most people have received spoofed emails from PayPal or eBay telling them to “click here” and update their personal info… Even the links look real but are spoofed and take the visitor to a form that will collect their private information.
MANY people just believe that since the email has their name and logo in it that it MUST be real. Go to http://www.microsoft.com/athome/security/email/phishing.mspx for a quick example.
The sad truth is that lots of people get taken advantage of by being ignorant of this…
I’d sure like to know. I get hundreds of bounced back emails from someone spamming off some of my domains that I’ve had for years.
I’ve had this happen to me too a few years back. It’s really frustrating at first, however once you’ve convinced your webhost, upstream provider, spam list maintainer and your neighbor’s dog you will find that it somehow sorts itself out. (at least it did for me)
You may also want to look into SPF (Sender Policy Framework) for your email’s dns records. (it’s still far from a full solution though)
happened to me last week and f@cked gmail up for 5 days (the domain was forwarding). I’ll put up money towards a bounty to kill the guy if anyone wants to look . . .
Use SPF. Many email providers use it now to see if the mail is really from the person it says it is or not. If it isn’t it’ll just delete it. Thats how you can prevent it.
(My website I wrote how to use SPF to prevent your email from getting junked, but it works the same way to make sure email NOT from you DOES get junked WITHOUT hurting you)
As for what to do now.. Just try and track down the spammer like you’d do someone spamming you. Find the IPs they are using and contact the ISPs.
I certainly wouldn’t suggest going to the website in the bounced email and filling out their order form over and over again with expletives, maybe using some automated testing solution to do it for you for an hour or 2. 😉
Funny thing is my wife only got bounced emails for a day, then they must have stopped using her email address, don’t know why… 🙂
On what server you are linux or windows.., i have great solution for linux servers… You forget that SPAM exists..
🙂
If you have one of the original messages, here are some really good suggestions on how to track down the source:
http://www.de.sorbs.net/spamfo/basic.shtml
Beyond that, SPF works well and is now widely used. DomainKeys is another good one but less widely adopted. It is gaining popularity as e-mail servers adopt the standard. Good luck.
@jim: yeah – I got this crap on my major business domains, and the only think I got to do so far is implement a) SPF (which MIGHT help) and b) implement a blackhole for the catchall – at least then I dont receive those jerky reply mails
@tom: > It is gaining popularity as e-mail servers adopt the standard.
Crap – Yahoo adopted it WITHOUT taking note of all production versions of the major opensource mailer embeded in so many webhosts – EXIM tough with a huge base does not support it
that means – my mails go to BULK for Yahoo email recipients… super, ha?
http://weblog.cemper.com/a/200611/28-yahoo-bulk-folder-xyahoofilteredbulk-killing-my-business-mails.php
and even admin personal refuses to setup the “experimental” versions that “adopted” that standard …
THEY DON’T EVEN TAKE MONEY TO FIX IT!
see about my experiences
http://weblog.cemper.com/a/200611/29-domainkeys-experimental-implementation-worth-the-hassle.php
Take note that ALL this crap doesn’t keep 3 chained spamfilters to pass thru the generours image spam
http://weblog.cemper.com/a/200701/10-how-to-get-rid-of-the-re-my-somecrap-spam.php
So in short Jim, implement SPF on your domain, do the catchall and join Matt Cutts and all the others bitching about the really sucky software surrounding email communication
http://www.mattcutts.com/blog/why-isnt-email-authenticated/
cheers,christoph
@Hrvatska: you’re talking about greylisting?
I think Jims problem is not that he receives spams, but that somebody’S using his domain (randomly) to fake the mail headers
This is ridiculous. I don’t understand why these spammers have the guts to use their own emails/domains.
Always an innocent person has to suffer at the cost of his reputation and unnecessarily be blamed for not doing anything unethical.
This nailed one of our domains and ended up brining us down as the bounces were coming in at 5,000 an hour…
What I did do was route the errors to an account that could be pulled off the server by an account accessed outlook and then set up the rules to put them in a seperate folder.
It does not fix the problem, and I would love to learn a way to do so, but it took some of the pain out of it. I could not imagine having to wade through a webmail account that has all that coming in.
The simplest thing to do is turn off your catch-all email account. Only allow email to addresses that you know are valid, like ‘jim@’ or ‘webmaster@’.
This doesn’t stop the spammers from using your domain, but it does stop all the bounced emails from hitting your inbox.
I’ll echo the catch-all account advice firstly (although that’ll usually result in a double bounce, but you annoy the guys who bounced mail they shouldn’t have rather than dealing with their screw-up).
As for removal from a spam filter; the one I found you on is usually pretty good at delisting. Just send an email saying you were joe jobbed along with a sample of the bounce and you should get removed fairly quickly.
Yep got the same happening here too… normal spam is enough of a problem without having returned mail and knowing that you are probably getting put on a list 🙁
No i have combination of open source tools.. that if setup in right way…
works better that solutions.. that cost coupel 1000$s …
if you ar einterested let me know and i will send you url whwrw you can find all that
Yep, a real problem that happened to me too. I’d like to agrree with that gut who supposed that you’d open only that emails that you know. As for the SPAM – it really exists if to know how to use it properly:-)
This happened to me too a few months ago. I got 1,5K bounced mails from a spam mailing.
I turned off catch all and I made an auto-reply to all mails that was not directed to the right one with a notice that this email is invalid and unauthorized used by a spammer, not me. That way when some guy got angry and answered the spam they got the autoreply explaining the situation. Not a perfect solution but the best I could figure out to rescue the bad image.
I find myself checking RBL fairly frequently – this is my usual stop – http://www.robtex.com/rbls.html (if anyone has any other recommendations I’d like to hear them).
You’re right Jim, getting off the lists is not easy. We once got a recycled IP that took weeks to clean up!
Nick, http://www.dnsstuff.com is another good one for checking RBLs.
I hadn’t heard of robtex but it’s going in my bookmarks. It’s definitely a good find. Thanks for sharing it!
Wow, I didn’t even know that until reading this post. I’ve been getting those bounce back email for a while and I thought they were spamming to me.
This happened to my Dad once and AOL froze his account. After reviewing what happened, we found out that someone was sending out emails selling a product. There was nothing we could do but talk to AOL.
Unfortunately, I’ve been getting this sort of junk for some time. I’ve tried several things and some improved it but didn’t find anything that really fixes the problem.
The sad thing is that after months, it hasn’t dropped off any. I would have thought they’ve of moved on and used someone else in the from line.
Comments are closed.