A spammer is using my domain name as a bogus return address

Discussion in 'Networking and Security' started by SideShowBob, Sep 9, 2006.

  1. Apparently a spammer has decided to use my domain name as a bogus return email address on his spam. I'm now getting 200-500 "delivery failed" messages a day sent to addresses such as "ajfnlakjsnf@mydomain.com" after his spam bounces.

    Is there any way I can block this schmuck from doing this? Hunt him down and have him put in Guantanamo Bay?

  2. you can turn off the "default" mailbox for addresses that don't exist, but that's about it.
  3. No way to get him to Guantanamo? :mad:

    What about that prison in Iraq -- Abu Gharab?
  4. BCE


    Email D. Rumsfeld or Alberto G. Maybe you can get them to torture him too. :D
  5. The same thing happened to me only they were using my email address from my ISP. I notified my ISP(AT&T) and never heard from them but the bounced messages stopped after about 3 months.

    Might want to run some spyware/antivirus to make sure the emails aren't actually coming from one of your machines.
  6. Sounds like you an open port somewhere. Put your windows firewall up and he won't be able to get in. If that doesn't work, then run a security scanner on your computer for open ports, then close them. You can also download zonealarm for free and lock him out of your computer. After he comes into your open port, then zonealarm will pick up his IP and then you right click on it and choose "block". Zonealarm is your best bet.
  7. narballs


    best is use any cheap router thye all have port configuratoin. i leave few open for my chat programs and my games. another one for my trading platform. that hsould help with security~
  8. As others have already stated or hinted...

    There are two reasons this is occuring:

    A) Your email address for your domain name (not talking about your ISP) is set up for the default setting to receive all emails or any emails that ends with your domain name.

    For example, lets say you have a website called Memorex.com

    Further, you only have two emails address associated with that domain name via the following:

    * support@memorex.com
    * feedback@memorex.com

    Your going to still get "failed delivery" messages even though you didn't send an email via emails sent through bobxys@memorex.com et cetera.

    Simply, call the tech department of your domain to set it up so that you only receive specific emails via your actual domain addresses.

    In addition, setup your domain email filter to filter out (automatic deletion) any email that has your domain name in either the From: or within the Body that did not originate from your domain host servers.

    B) If your talking about an email address that's not associated with a personal website that belongs to you (ex. xyz@yahoo.com)

    Immediately change email address (get a new one) along with doing a complete virus, spyware scan on your computer system.

    Next...get a email security system that scans all the emails you receive and send out.





    Last of all, get a internet security program that protects your ports and sends you alerts that any program is trying to access one of your ports.

    Good Luck.

  9. AaronCapps

    AaronCapps Global Futures

    This happened to a good friend of mine, his ISP almost black listed him as a spammer because of it. Contact your ISP and point it out to them, they should be able to take care of it for you or at least walk you through how to stop it on your end.
  10. I'm fairly certain it's not a virus or spyware on my machine, I'm running norton antivirus with a full scan once a week, plus I have a router based firewall.

    I do have a "catchall" account set up (which is receiving the messages) but I'm hesitant to disable it. The reason is that I like to be able to sign up for accounts using email addresses such as "amazon@mydomain.com" and "yahooshopping@mydomain.com" and then know I will get the messages, but if I find that I start getting messages at that address from other places (such as spam) then I will know that company sold my address and I can both call them and yell and also disable it. If I remove the catchall then I lose access to that ability (I can still create aliases for the addresses I created so I'll get those messages).

    For now I guess I'm going to have to do that. It's never been a problem before but I feel like the proverbial liberal who's been mugged (if you don't get that reference it comes from an old description of a conservative as a liberal who's been mugged).

    I've heard rumors of charging an ISP a small amount per message, I'm now all for it. This is ridiculous....

    #10     Sep 11, 2006