I don't really see an ideal place to post this question, so I'll try this category. I have a domain hosted here that I haven't been using lately and haven't checked my email for the domain is some time. Tonight when I checked it, I see ALOT of returned mail messages from various servers for mail that I never sent. I assume someone is just forging headers and using my domain in the header to send spam and lots of it. Apparently, they are also sending viruses which are being rejected as well. This is a first for me and I imagine that if it continues, I may have problems as a result of this. Am I just stuck dealing with angry people who think I'm behind this or is there anything I can do about it? I'm guessing not but thought I'd ask.

Thanks.

I don't really see an ideal place to post this question, so I'll try this category. I have a domain hosted here that I haven't been using lately and haven't checked my email for the domain is some time. Tonight when I checked it, I see ALOT of returned mail messages from various servers for mail that I never sent. I assume someone is just forging headers and using my domain in the header to send spam and lots of it. Apparently, they are also sending viruses which are being rejected as well. This is a first for me and I imagine that if it continues, I may have problems as a result of this. Am I just stuck dealing with angry people who think I'm behind this or is there anything I can do about it? I'm guessing not but thought I'd ask.

Thanks.

Jvan,

This is quite frustrating, to say the least... I definitely feel your pain here.

Unfortunately, with the way SMTP was developed, it is all too easy to "spoof" a domain name, where people (and systems for that matter) believe that mail is coming from your domain. When mail bounces, it will come back to your domain, as it believes that your domain is indeed the source of the spam.

Typically, spammers will pick a random user for a domain and spam that way; for example, asjw@yourdomain.com, lldk@yourdomain.com, ooqk@yourdomain.com, etc etc. When mail comes back to your domain, and you have a catchall set, then the default account for your domain will catch the mail and store it. When you login to the default account (of if that's the account you use), you will see bounce messages, messages from angry people, etc.

This thread (http://forum.myriadnetwork.com/showthread.php?t=255) deals with fixing your catchall to bounce incoming messages that aren't bound for any specific user on your domain. While I won't get into any more detail here, that thread should answer most of your questions regarding that.

tl;dr version - There really isin't anything you can do to stop them, but you can stop the bounces from hitting your default account.

Very good question, though.

Ryan

Jvan,

This is quite frustrating, to say the least... I definitely feel your pain here.

Unfortunately, with the way SMTP was developed, it is all too easy to "spoof" a domain name, where people (and systems for that matter) believe that mail is coming from your domain. When mail bounces, it will come back to your domain, as it believes that your domain is indeed the source of the spam.

Typically, spammers will pick a random user for a domain and spam that way; for example, asjw@yourdomain.com, lldk@yourdomain.com, ooqk@yourdomain.com, etc etc. When mail comes back to your domain, and you have a catchall set, then the default account for your domain will catch the mail and store it. When you login to the default account (of if that's the account you use), you will see bounce messages, messages from angry people, etc.

This thread (http://forum.myriadnetwork.com/showthread.php?t=255) deals with fixing your catchall to bounce incoming messages that aren't bound for any specific user on your domain. While I won't get into any more detail here, that thread should answer most of your questions regarding that.

tl;dr version - There really isin't anything you can do to stop them, but you can stop the bounces from hitting your default account.

Very good question, though.

Ryan


Thanks Ryan. I'll read that thread.

Thanks Ryan. I'll read that thread.

Sure thing :).

Changing your catchall to :fail: is a good idea in almost every scenario. That thread should go into detail in that regard.

Ryan