Topic 'Re: My domain spoofed sending spam' in forum 'Security' - dslreports.com

Re: My domain spoofed sending spam

Mon, 12 Nov 2012 11:52:16 EDT

vaxvms posted :

People then see the sender and think my domain.

How often do you check the address of the Spam you get? Why would others?
--
Some people don't know what they don't know.

Re: My domain spoofed sending spam

Mon, 12 Nov 2012 08:12:29 EDT

nonymous posted : Not coming from google apps as I can see that from the headers. Changed and strengthened the passwords anyways. Plus did same for the registrar.
also checked all the records etc. too make sure dkim and spf were still set etc.

Re: My domain spoofed sending spam

Mon, 12 Nov 2012 00:46:34 EDT

madylarian posted : Having one's domain spoofed in a spam run seems to be one of those "coming of age" events for domain owners. It's happened to all of us at one time or another and there's really nothing you can do about it. No domain is too big to be spoofed and there is no way to stop it from happening.

Fear not, though, it will not put you on a blacklist since that field has nothing to do with the sender or sending server.

mady
--
Honi soit qui mal y pense

Re: My domain spoofed sending spam

Sun, 11 Nov 2012 22:02:56 EDT

SipSizzurp posted : Are the bounced e-mails originating from your own server ? This would indicate that they have guesses/read your password and are relaying. If they are just using your address as a "return" address for the spam they send from their server then you will need to get on an airplane and pay them a very personal visit.

I've had both scenarios occur several times. I also block all e-mail from over seas. Only Domestic and Canadian e-mail even gets to the filters. South of the border is pooled separately. Overseas is completely terminated, which is where 80% of spam comes from.

Re: My domain spoofed sending spam

Sun, 11 Nov 2012 18:09:18 EDT

nonymous posted : Not a lot of bounces just figure for the few bounces way more go through. People then see the sender and think my domain.
They are sent from the random gibberish@mydomain.com .

Just the one in a million chance goes to someone important that I do send email to. Look for work and prospective employeer gets russia woman off my unique domain along with my job application.

No bounces have been real accounts at my domain and no complaints from any friends etc. Still even though quick searches say live with it why doesn't more spoofed spam come from real fortune 500 companies?

Re: My domain spoofed sending spam

Sun, 11 Nov 2012 17:58:48 EDT

nwrickert posted :

said by nonymous:

So my domain has been recently spoofed. Is there more I can do?

Probably not. Just ride it out. After a while, they'll try a different domain.

Depending on your software, you might be able to use filters to separate out all of the spoofed-mail-bounces.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.2; firefox 16.0.2

My domain spoofed sending spam

Sun, 11 Nov 2012 17:28:54 EDT

nonymous posted : I use Google apps for my domain and use DKIM and SPF also.
I am getting bounced emails lately like I am a Russian women visit my website. No they are not going through my account as server is in another country and does not pass SPF. So emails do not validate to my real apps account.
So my domain has been recently spoofed. Is there more I can do? Quick online search says no but well I as far as I know do not get randomgibberrish@chase.com or randomgibberrish@someotherbigcompany into my spam folder.
So do the big companies not get spoofed or is there something more professional to do.
Would spoofed email end my domain up on a blacklist? Shouldn't as does not verify from me yet? never thought about it as has not happened since had domain years ago. Plus other domains i have knock on wood have no bounce backs.