dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
733
share rss forum feed

nonymous
Premium
join:2003-09-08
Glendale, AZ

My domain spoofed sending spam

I use Google apps for my domain and use DKIM and SPF also.
I am getting bounced emails lately like I am a Russian women visit my website. No they are not going through my account as server is in another country and does not pass SPF. So emails do not validate to my real apps account.
So my domain has been recently spoofed. Is there more I can do? Quick online search says no but well I as far as I know do not get randomgibberrish@chase.com or randomgibberrish@someotherbigcompany into my spam folder.
So do the big companies not get spoofed or is there something more professional to do.
Would spoofed email end my domain up on a blacklist? Shouldn't as does not verify from me yet? never thought about it as has not happened since had domain years ago. Plus other domains i have knock on wood have no bounce backs.


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
Reviews:
·AT&T U-Verse

1 recommendation

said by nonymous:

So my domain has been recently spoofed. Is there more I can do?

Probably not. Just ride it out. After a while, they'll try a different domain.

Depending on your software, you might be able to use filters to separate out all of the spoofed-mail-bounces.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.2; firefox 16.0.2

nonymous
Premium
join:2003-09-08
Glendale, AZ
Not a lot of bounces just figure for the few bounces way more go through. People then see the sender and think my domain.
They are sent from the random gibberish@mydomain.com .

Just the one in a million chance goes to someone important that I do send email to. Look for work and prospective employeer gets russia woman off my unique domain along with my job application.

No bounces have been real accounts at my domain and no complaints from any friends etc. Still even though quick searches say live with it why doesn't more spoofed spam come from real fortune 500 companies?

SipSizzurp
Fo' Shizzle
Premium
join:2005-12-28
Houston, TX
kudos:4
reply to nonymous
Are the bounced e-mails originating from your own server ? This would indicate that they have guesses/read your password and are relaying. If they are just using your address as a "return" address for the spam they send from their server then you will need to get on an airplane and pay them a very personal visit.

I've had both scenarios occur several times. I also block all e-mail from over seas. Only Domestic and Canadian e-mail even gets to the filters. South of the border is pooled separately. Overseas is completely terminated, which is where 80% of spam comes from.


madylarian
The curmudgeonly
Premium
join:2002-01-03
Parkville, MD
reply to nonymous
Having one's domain spoofed in a spam run seems to be one of those "coming of age" events for domain owners. It's happened to all of us at one time or another and there's really nothing you can do about it. No domain is too big to be spoofed and there is no way to stop it from happening.

Fear not, though, it will not put you on a blacklist since that field has nothing to do with the sender or sending server.

mady
--
Honi soit qui mal y pense

nonymous
Premium
join:2003-09-08
Glendale, AZ

1 edit
reply to SipSizzurp
Not coming from google apps as I can see that from the headers. Changed and strengthened the passwords anyways. Plus did same for the registrar.
also checked all the records etc. too make sure dkim and spf were still set etc.


vaxvms
ferroequine fan
Premium
join:2005-03-01
Wormtown
kudos:3
Reviews:
·Charter

1 recommendation

reply to nonymous
said by nonymous:

People then see the sender and think my domain.

How often do you check the address of the Spam you get? Why would others?
--
Some people don't know what they don't know.