Recently I’ve been getting a bunch of emails saying “your message could not be delivered”.
After looking into it, I found out that someone is sending spam using my domain.
My two worries were:
What can I do about this?
And will my domain be blacklisted?
I have found an article worth the read if you are having the same problem.
A very common tactic that spammers use these days when sending Unsolicited Commercial Email (UCE) / SPAM is to send their messages with a forged FROM address in hopes that their messages will stand a better chance of being read by the recipient and getting past many low level message filtering systems.
Where customers may notice this type of activity occurring is if you receive a bounce back claiming a message you sent (which appears to be UCE / SPAM) could not reach the recipient or you get an angry response from a recipient asking you to stop sending them UCE / SPAM. Clearly you didn’t send the message.
Unfortunately, in this type of situation there isn’t much you can do to prevent this type of activity because it is very easy for spammers to send messages using a forged FROM address. The email addresses the spammers use for this type of activity are generally harvested from websites or generated at random based on valid domain names that the registry has in their database. The email addresses are often harvested from domain WHOIS records as well so it is a good idea to use a private registration service to protect your contact details if your domain registrar offers this as an option.
There are a couple of things we advise, though, which may help reduce the number of returned messages you receive as a result of this UCE / SPAM being sent with your email address as the forged FROM address:
Disable Default Address – Disable the catch all / default email address under your cPanel account. You can do this by setting the address to :fail: under the “Default Address” menu of the “Mail” section within cPanel. By configuring your default address in this way it means that any messages sent to an email address that you have not specifically set up as an email account or forwarder under cPanel will be rejected. You can read more about configuring the default address by reading the following KB article: How can I manage my Catch-All (Default) Email Address?
Set Up Mail Filtering – If the returned messages you are receiving from the UCE / SPAM messages all contain something in common (e.g. the subject of all the messages contains the word “red” or the message bodies all contain the word “jim”) then you can set up a filtering rule under the “E-mail Filtering” menu within the “Mail” section of cPanel to reject messages containing specific words or phrases. E.g. you could reject all messages which contain the word “red” in the subject line.
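To find what the returned messages have in common before writing the filtering rule, the following added example (not part of the quoted article) reads a set of bounces, pulls the Subject of the original message carried inside each one, and lists the words present in all of them. The function names, the sample bounces and the example.com / example.net addresses are constructed for illustration.

```python
# Added example: find words shared by the spam subjects in every returned bounce.
import email
import re
from email import policy

def returned_subject(raw):
    """Subject of the original message carried inside a bounce (DSN)."""
    msg = email.message_from_string(raw, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":        # full original message attached
            return str(part.get_payload(0)["Subject"] or "")
        if ctype == "text/rfc822-headers":   # only the original headers attached
            inner = email.message_from_string(part.get_content(),
                                              policy=policy.default)
            return str(inner["Subject"] or "")
    return str(msg["Subject"] or "")         # fall back to the bounce's own subject

def common_terms(raw_bounces, min_len=3):
    """Lower-cased words present in the returned subject of every bounce."""
    pattern = r"[a-z0-9]{%d,}" % min_len
    sets = [set(re.findall(pattern, returned_subject(r).lower()))
            for r in raw_bounces]
    return sorted(set.intersection(*sets)) if sets else []

# Constructed sample bounces; all addresses are placeholders.
def _bounce(subject, ctype="message/rfc822"):
    return (
        "From: MAILER-DAEMON@example.net\n"
        "To: random123@example.com\n"
        "Subject: Mail delivery failed: returning message to sender\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nThe message could not be delivered.\n"
        "--b1\nContent-Type: " + ctype + "\n\n"
        "From: random123@example.com\nSubject: " + subject + "\n\nbody\n"
        "--b1--\n"
    )

SAMPLES = [
    _bounce("Cheap RED pills today"),
    _bounce("red hot offer for you"),
    _bounce("Your Red invoice", ctype="text/rfc822-headers"),
]

if __name__ == "__main__":
    print(common_terms(SAMPLES))
```

A word that is also common in your legitimate mail makes a poor filter term, so check the result against your normal inbox before rejecting on it.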
Although this type of activity can be extremely annoying, you do not need to worry about being blacklisted by the anti-SPAM databases. None of the major anti-SPAM databases block a server based on the FROM address of the UCE / SPAM message as they are well aware that the FROM address can be forged and that it is a common tactic used by spammers.
I’ll leave you with this note, DIE SPAMMERS!!!