Hi Liam,
My concern is that my domain name finds itself added to spam filters thus
rendering my email address useless for communication. My mailbox has been
filled up with bounced messages, and I cringe at the thought of the number
of messages that WERE successfully delivered with "from gumphoto.com". My
hosting service, who has treated this issue in a somewhat cavalier fashion,
insists that the "from" field has, indeed, been used, and that spam
filtering services are aware of this tactic and that there is no true risk
of "permanent damage". Looking at the headers of the bounced messages, I
see a confusing mess of different ip addresses, so I suppose they may be
correct and that the SMTP service at the webhost is NOT being used for spam
relay. But a security scan that Gordon was kind enough to run for me does
indicate that there may be some lax security at my webhost. The whole issue
has been a big pain and I have to wonder that if the "from" field can indeed
be anything, why pick an actual domain? Why even bother with harvesting,
which I thought was more appropriate to finding recipients for spam, not
fake senders?
Thanks for the info.
Keith
-----Original Message-----
From: Liam Lawless [mailto:lawless@bulldoghome.com]
Sent: Friday, April 28, 2006 8:07 PM
To: alt-photo-process-l@usask.ca
Subject: RE: OT request for arcane tech help
Keith,
My wife's e-mail has recently been subject to a similar attack. I'm no
expert on these things and her domain host wasn't interested, but I've been
doing a bit of reading on the web and it seems likely that the e-mail
attached to her domain has been "harvested" from the internet, a discussion
forum or somesuch. It seems that anyone sending an e-mail can put anything
they like in the "From" field, and the reason that spammers use fake
addresses is that large volumes of mail will be flagged by their ISPs.
It is said that spammers usually move on to a different address after a week
or two, but it may be possible to deflect the bounce messages by disabling
the catchall feature of your e-mail account. To do this for my wife's
account, I had to go to her domain's control panel, click on "Default Mail
Account", then "Set Default Address (Catch All)", and type ":fail:" in the
box which asks where unrouted mail to the account should be sent. Any
bounce messages addressed to qytwehx@herdomain.com (or other name made from
random characters) should then go back to the original sender who,
hopefully, will then move on to someone else's e-mail address.
I've only done this tonight, so can't say if it's worked yet, and of course
your control panel will probably be different.
And a disadvantage, I suppose, is that you cannot use the catchall feature,
but hope this is some help.
Liam
--- [This E-mail has been scanned for viruses but it is your responsibility to maintain up to date anti virus software on the device that you are currently using to read this email. ]Received on Sat Apr 29 10:25:13 2006
This archive was generated by hypermail 2.1.8 : 05/01/06-11:10:26 AM Z CST