xisto Community
Neverseen

How To Prevent Spammers From Using Your Domain?


Ok. Here we go. I've got a website, and some lame spammer uses my domain name to send his fckin SPAM. Now I'm only receiving "Delivery Failure" messages from the addresses where this mofo has sent spam but that don't exist. I was told that with some software, it's possible to send an email, and to put whatever you want in the field "From:" so, even if you're sending the message from blabla@hotmail.com you still can make people believe that you sent it from any other address (ex: admin@Xisto.com) and when they receive it they really think that it was the admin who has sent them this sh*t. Now my question would be: is it possible to prevent spammers from using my domain name? Is there any way to block them? Please let me know, because this really makes me sick :) Thanks in advance.


If I understand your questions correctly, I don't think it's possible. If anything, take down your email address from your site if you put it up. That might be what triggered them to start doing this in the first place. They can, as you know, "spoof" (fake) their emails so it looks like it's coming from one source when it's really from someone else. You can take a look at the header details to see where it's coming from... but even this will not work as some can even spoof that information. As far as I know, there's no way to prevent spammers from doing this. I would love to know how also (if someone has ideas) as I have tried many things already (including delisting my email address from my site - even though it doesn't use my domain).


Spoofing like this is extremely easy to do in fact.. if you're wondering how, you don't even need any special software in fact. Just simple TELNET will suffice.

 

For example, say my SMTP server is smtp.blah.net

 

This is what I do:

CONSOLE

shell> telnet smtp.blah.net
Trying x.x.x.x
Connected to mail.domain.ext.
Escape character is '^]'.
220 smtp.blah.net ESMTP Sendmail

 

What you get is a blank SMTP prompt - where you simply type in the from, to and body of the message... The commands used are MAIL FROM, RCPT TO and DATA. But first you need to tell the SMTP server your own domain. This is where the trick starts.. Example... (continuing from above)

 

CONSOLE

HELO myspoofed.domain.com
250 myspoofed.domain.com Hello smtp.domain.name [sm.tp.i.p], pleased to meet you

 

Next you type:

CONSOLE

MAIL FROM: spoofed@address.com
250 spoofed@address.com... Recipient ok

 

That's it - your trick is done.. the SMTP server believes that your mail is coming from this spoofed address... So you see how easy it is to do it.. what you need to do is simply run some sort of a script that takes a bunch of email addresses and mails out to them using a spoofed domain as shown.. in your case it was your own domain..

 

As far as I know there's no way to stop this at all.. only inspecting the headers might give you a clue as to who's doing it. In turn you can report back to the original ISP of the sender that he's into serious spamming and thus get his account cancelled. But most likely he's using some free public email as his base - so closing that down won't affect him in any way. All he's got to do is open another account and start all over again...


You can even configure your own mailer (Netscape Messenger for example), giving as "from" and "return mail address" an address like "thebestman@in.the.world", and the mailer will send its message with this "from" address. If this happens to be a valid address, bad luck. Unfortunately, I agree with WeaponX, there is probably no way of avoiding that.


thanks for your replies guys... so as I can see there's no way to get rid of that :huh: too bad... I'll try at least to trace the sender, maybe I'll be able to find out who does this unfair thing.

You can actually track where the email really came from. Every email message sent is encoded with the route used to get the message from sender to recipient. This can be used to track down the spammer and get justice.

 

You can either forward this information to your service provider or find a more inventive method of resolving the problem.

 

vujsa
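How the routing information mentioned above is read in practice, as an added example that is not part of the original thread: each server prepends its own Received header, so only the lines written by servers you trust are reliable, and anything below them may have been forged by the sender. The sample headers, hostnames and the trusted set are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed headers of a spoofed message, as quoted back in a bounce.
# Hostnames and addresses are hypothetical (documentation ranges).
RAW = (
    "Received: from relay.isp.example (relay.isp.example [198.51.100.7])\n"
    "\tby mx.recipient.example with ESMTP; Mon, 01 Jan 2007 10:00:05 +0000\n"
    "Received: from dialup-44.isp.example (unknown [203.0.113.44])\n"
    "\tby relay.isp.example with SMTP; Mon, 01 Jan 2007 10:00:01 +0000\n"
    "Received: from mail.mydomain.example (mail.mydomain.example [192.0.2.1])\n"
    "\tby dialup-44.isp.example; Mon, 01 Jan 2007 09:59:00 +0000\n"
    "From: admin@mydomain.example\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

# "from <claimed name> (<rdns> [<ip>]) by <recording server>"
HOP = re.compile(r"from\s+(\S+)\s+\(.*?\[([0-9a-fA-F.:]+)\]\)\s+by\s+(\S+)", re.S)

def trace(raw, trusted):
    """Walk Received headers newest-first and stop at the first hop that was
    not written by a trusted server: everything below it can be forged."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            break
        recorder = m.group(3).rstrip(";")
        if recorder not in trusted:
            break
        hops.append({"claimed": m.group(1), "ip": m.group(2), "by": recorder})
    return hops

def handoff_ip(raw, trusted):
    """IP that handed the message to the earliest trusted server, or None."""
    hops = trace(raw, trusted)
    return hops[-1]["ip"] if hops else None

if __name__ == "__main__":
    print(handoff_ip(RAW, {"mx.recipient.example", "relay.isp.example"}))
```

The bottom Received line in the sample claims the mail started at mail.mydomain.example, but it was written by a host outside the trusted set, so the trace stops before it.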


vujsa, I heard that they can spoof the information in the header of the emails also. Does this include that routing information? If not, how do we trace it? Use a whois or DNS search service?


Actually it gets harder and harder to trace spammers unless you have some elite software to find them, cuz spammers can reroute the original email/IP to dozens before they can get tracked. But most of the time people give up after the hundreds of different locations are traced. Basically the stupider the email the harder it is to trace. Of course only rookies would fall for the admin sending you an email, but sometimes the older users get caught. Of course the best suggestion is to use a backup email address that you want to use to make sure that if you sign up all the junk goes there and not your primary email. Of course some people go overboard and have got like 20-30 email accounts just cuz of the features ***cough*** gmail ***cough***. But of course with today's current email technology a lot of the spam goes to the junk folders anyway. But I would have to say, though, only the idiots send spam; if you want to get account info the smart people would hack for it and not send a spam email.


Unfortunately Vujsa, m^e, and everyone else who've posted are right. There's no easy way to stop this, other than going to their ISP. Seeing as billion dollar companies like eBay suffer from this problem and haven't been able to resolve it, I think that you don't stand much of a chance either (no offence intended). Sorry neverseen, and good luck with your website - hopefully the spammers shouldn't blight you too much.


How to stop spammers using your domain


 

Try using SPF (Sender Policy Framework). This is added to your domain zone file, and allows you to say which email servers are permitted to send for your domain. If a receiving server uses SPF validation, it will check to see if the domain the email is coming from has an SPF listed, and if the email isn't from an allowed server, it will reject it. If the domain doesn't have an SPF nominated, or the sending server matches the SPF nominated servers, then it is accepted.

 

It isn't perfect, and will only work really well once receiving servers have it setup, but it's a start - and if people start demanding it - then it will make a difference.

 

http://www.openspf.org/

 

Rgds

See

 

-Craig
