OT: spammers are using my domain again
Paul Howarth
paul at city-fan.org
Fri Oct 8 14:29:50 UTC 2004
Matthew Miller wrote:
> On Fri, Oct 08, 2004 at 03:12:44PM +0100, Paul Howarth wrote:
>
>>This won't actually stop them spoofing your domain (most spammers aren't
>>terribly bright, as can be seen from the many spams landing in my junkmail
>>folder these days with "Received: from %RNDDIGIT[1]%RNDDIGIT[2]" etc. in
>>the headers). However, you'll feel better knowing that a few less of their
>>spams get through to sites implementing SPF checks or running SpamAssassin
>>3.x.
>
>
> It won't stop them from doing it, but it makes it very easy for anyone to
> see that the messages are forged. Eventually, when enough people check, it
> _will_ stop them.
I know; I publish and check and one of my domains does get spoofed by spammers
from time to time, albeit at quite a managably low level.
An unfortunate side-effect of both publishing and checking is that from time
to time I reject a virus trying to spoof one of my domains, and then the
originating ISP's mail server then sends me the resulting bounce, which isn't
a forgery so it doesn't get rejected.
Paul.
More information about the fedora-list
mailing list