Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Troubled with Spam sent to my domain name 4

Status
Not open for further replies.

babyspicefan

Technical User
Oct 30, 2006
2
GB
I have recently been troubled by a large amount of advices of undelivered e-mails that I have not sent. I believe that someone is somehow using my domain from many various locations to send out spam mail from. The Spam mails are all about those hot stock tips or Viagra. I take details of the headers and send them to the relevant ISP's, but there have been too many and it is very time consuming. This is causing me problems on two levels.
1, some of my genuine e-mails are being returned as my domain appears to be blocked by anti spam mail. I doubt that is something this forum can assist with, but any suggestions are welcome.
2, I am also now receiving Spam that is addressed to 'just about any combination of letters'@my domain name. I have 2 genuine e-mail addresses that I have setup. Is there anyway, that anyone is aware of, were I can block e-mail from entering my system that is not addressed specifically to either of those 2 genuine addresses that I have?
I am using Outlook 2003 on Win XP
Thanks in anticipation of any help you can provide.
 
first off you can change the passwords of the two email addys see if the undeliverable emails stop or slow down. as far as the spam that you receive. there is no way of doing that unless you have a spam filter on the email host that is capable of blocking spam by the ip not the addy
 
I am guessing that you do not host your email on your own email server, you use an email client such as outlook express / outlook 2003 to retreive your emails from an ISP or similar ?

If this is the case, have a word with your ISP and see what they do in the way of spam filtering, they should be able to sort you out for a couple of £/$ per month, if not for free.

If they cannot help you, post again on this forum, and we should be able to work something out to help.

 
Have you purchased POP boxes for you domain from the domain host? If so, you may be able to set the boxes to refuse mail to all but the specific addresses that you have setup with them. I am able to do this with my pop boxes associated with my domains through 123-reg.co.uk.
 
As for #2, this is easily accomplished with a few rules. Something like:
[ol][li]With username1 in the recipient address, stop processing more rules.[/li][li]With username2 in the recipient address, stop processing more rules.[/li][li]Move all messages (no critera selected) to spam folder[/li][/ol]
This works because all rules are processed in order, unless a 'stop processing' rule is encountered.
 
Yes, I use Outlook 2003.
My ISP originally were extremely unhelpful with this problem. They have now however suggested how I can set up some filters. They have worked to some extent ...
I have 2 valid e-mail addresses on my domain, so I have
rule 1 to allow all mail addressed to 'correctaddress@mydomain' to be passed straight to my inbox.
rule 2 to allow all mail addressed to 'correctaddress2@mydomain' to be passed straight to my inbox.
rule 3 all other to go directly to junk.
This is seems to work fine on SPAM but it does not prevent all those 'Delivery Notification: Delivery has failed' messages for the SPAM sent by my domain hijacker.
I don't really think there is much else I can do. I report SPAM until I am blue in the face and it gets me nowhere. verizon, even though they have many different sets of headers ALL showing SPAM originating from their servers on a DNS lookup, say they cannot help. WHAT THE! How much more in their face evidence do they require ?
 
An additional rule or 2 at the end should be able to process the Delivery notification messages. Something like:

With specific words in the subject and specific words in the body, move to the junk folder. Set whatever specific words are appropriate for these messages, but would not catch legitimate delivery failure notices.

There's a lot that you can do with mail rules. You must think logically and follow through in order (the order can make a difference). Sometimes the apropriate goal is to catch what you do want and discard the rest; sometimes the apropriate goal is to catch what you don't want and keep the rest. Also keep in mind that criteria words work on the wildcard prinicipal - searching for car in the subject will also catch carnivore, carefully, healthcare.....
 
Something else you may be able to do, although it won't help with the spam you are getting, but with the issue of you being blocked, is see if your ISP will add an SPF record on their DNS server that's hosting your zone.
It's really simple to do if you have control of your DNS settings for your domain, and if you do not, then your ISP should be able to add this for you (although they may be unwilling, or just not know what this is)
But it's worth a shot.

head over to and have a look. If your not too technically inclined, you may need a bit og guidance to set this up. Post back if so though
 
SPF isn't all it's cracked up to be, though. Lots of people getting around it.

Sounds like your email address has been spoofed. And that, cannot be prevented. Nor does it mean anyone's using your server or account. It just means they're sending out bogus emails with your email address as the sender. Common spamming technique.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top