OT: spammers are using my domain again

Phillip T. George me at PhillipGeorge.com
Fri Oct 8 05:39:01 UTC 2004 

Trevor,

Its hard to say really.  I'd like to think that in most cases there is 
no security issue.  Most of the time spam & email is blocked by IP 
address and NOT by domain name (except in individual users' rules).

Also sounds like you have a "catch all" turned on...meaning ANYTHING 
going to @haligonan.com goes to a specific address.  It would make sense 
to disable this.  The only use (that I can think of, off the top of my 
head) of a "catch all" is when transferring domain names from one system 
to another, just to make sure you set up all of the users properly.

I don't know of any actions you can take to move them on.  Get a new 
domain name and/or new email address is the best way to de-spam..and 
don't give it out ANYWHERE.  Especially do not use your email address 
when registering a domain name...and if possible...don't use your real 
physical address.  It is highly likely that someone picked up your doman 
name just by a random check of the domain registry, but your specific 
email address can only be picked up where a trail is left.  Online forms 
you fill out are another cause of this as well.

To summarize:
1. Turn off the "catch all"
2. If your main email account is getting a lot of spam...try to change 
it if possible

Sounds like you already have some anti-spam software installed.  If not, 
you mght look into SpamAssassin and especially look into "Bayesian 
filtering"

-Phillip

Trevor Smith wrote:

>So I'm getting tons of bounces because the spammers have made their way back 
>around to my personal domain and are sending out their crap with 
><something>@haligonian.com as the forged From: address.
>
>I don't really care since I have bogofilter installed and it puts every damn 
>one of them in my "unsure" folder and I never need to see them, but just to 
>be thorough...
>
>Does anyone know of anything I could do to get them to move on from spoofing 
>my domain to spoofing the next victim's domain?
>
>Is there any real harm to me that they are spoofing my domain, btw? I assume 
>that network admins are smart enough now that they realize almost all spam 
>addresses are spoofs and they don't go arbitrarily blacklisting poor suckers 
>like me. :-(
>
>Now, I'm assuming this is straight forging, and that no spammers are actually 
>using any network resources related to me (since I pay $10/yr for a web/mail 
>hosting account for haligonian.com and don't run my own servers).
>
>  
>

More information about the fedora-list mailing list