Common Craft Blog
A Spammer is Spoofing My Email Address
By leelefever on April 21, 2008 - 9:12am
How fun. Imagine my delight to wake up the last couple of days to find thousands of bounced emails - all with my address in the From: line. It's such an honor to see my address associated with other legitimate brands that are so proven in the fields of appendage enlargement.
Here's what happens...
A spammer needs to send spam emails and they don't want to use an address associated with them. So, they add someone else's address to the From: field of the email. When the email bounces, it comes to the person's address. In this case, me.
Spoofing is a pretty common problem, but still painful. Apparently, there is little that can be done aside from filtering the incoming messages and hoping that people don't think you're sending the spam. I'm looking into adding an SPF (Sender Policy Framework) record, which can also help, I hear. Any other tips?
Spoofing as violence
Lee, sorry to hear about this. As you mentioned, it is still painful, and in some sense is a violation of your online identity and event trust. I think it is helpful to come forward and speak about this, perhaps not from the sense of looking for sympathy, but rather to begin a public conversation of something that is, in many ways, still seemingly taboo.
I hope you will continue to post about this experience, as perhaps together we (all your readers) will learn something about this in the process.
blech
same thing happened to me. For two days I got hit with over 1,000 returned emails. It sucks. You have to wonder why we're so lucky, with a billion email addresses out there.
It's like we were hit with lightning. In a bad way.
Coincidence or not?
I might be going crazy but this is happening to one of my clients. Do you want to compare servers?
Paul
Me Too
I'm in the same boat unfortunately.
I found switching off "Catch All" on my e-mail domain helped as the address the spammers were using were randomstrings@mydomain.com rather than the small number of actual addresses I use for the domain.
My ISP didn't want to know even when I could provide the IP address of the spammer.
Me too, same as Jamie
Just to add another me too to the pile. I noticed them a few weeks ago and on looking at the details they were spoofing random addresses from everything at my domain name. As Jamie did, I switched the "all other email" addresses policy to dump them in the bin, rather than forward to my main address.
But, I am still regularly getting a bunch a day that are bounced spams "from me."
Let us know if the SPF works (and what it is, if it does).
We might have the same
We might have the same spammer! It's been happening to me, too, and just over the last couple of days.
Weird!
Isn't that strange that so many of us have had the same issue. It seems like it must be an outbreak vs. coincidence. I wish we could somehow gang up and do something, but the spammers are a wily and evil bunch.
So, about SPF. This may help, if you can get through the jargon:
http://www.openspf.org/Introduction.
Yes, set up and SPF record.
SPF is very effective - so long as your DNS servers will support it, and the recipients are using it... there's the catch.
It won't prevent the bounces coming back at you from those who aren't using SPF. If enough people start using it (finally, after being around for 3 years+) maybe it will help cut the spam down.
If you need help setting up your records, let me know.
Setting SPF
I had setup my SPF record, however when I do a spoofing of an email from xxx@mydomain.com, the mail arrives perfectly to Gmail and not to Hotmail. Hotmail identifies this mail as fake ans sent it to Junk Mail. Howerver Gmail put it into Inbox.
What can I do to solve this with Gmail?
Happened to me as well. I
Happened to me as well. I changed the Catch All, but apparently after a while your domain becomes registered as a spammer.
What you could try perhaps, is to move over to gmail. Their spam filtering is brilliant. I'm going to try that in a couple of days... once I have time!
I share your pain
I share your pain. Just last Friday a similar incident happened. The account that was spoofed was a forwarding account from my main website, and thankfully Gmail's anti-spam features filtered the bounced mails into my Spam folder.
A quick check with my web hosting providing indicated that it was indeed a spoof attack, and they gave me the same advice, that there was nothing I could do to stop the spoofing so long as open-relay mail servers were still about.
Thankfully the bot subsided over the weekend, and I haven't seen any bounced mail for the last few days.
For all the wonderful innovations I read about on the Internet, it's a wonder though that they haven't patched this long-standing issue yet.
Could be a PC virus ...
While working on other people's computers lately, I've been noticing that there seems to be a surge of these types of emails and also a ton of "undeliverable emails." They ask how could I send these emails, I wasn't even awake at that time.
I explain that they could be in someone's address book that has a virus on it.
It doesn't make it any better, but makes me like working on my Mac.
Scott
Spoof/Spam emails on Mac
I started getting the bounced emails from "my" email account a couple of months ago--on my Mac. Now, I'm no longer getting bounced emails, but I am getting a load of emails sent TO my (real) account, FROM "my" (hijacked) email account. Most are advertising "enhancement/enlargement" products, but some are for Rx meds and other garbage.
Does anyone know if my email account was easier to hijack because I use Microsoft Entourage? If I'd used a mac.com email address, would this not have been a problem?
Thanks for any input/advice,
Pam
SPF and Spoofing my email
Me too, the most frustrating part aside from lack of control is how long it took to find a olution in part at least. Thank you so much.
I have found it interesting as I have about five sites and 20 odd domain names but it happens to just this domain and started almost form the time I moved it to its own server? Go figure, just coincidence. Thanks again
i love the site
the site is realy cool.
i had the same thing happen
it seems to happen periodically, probably because, for years, my email wasn't cloaked on my site or blog. This time it's jewlery. It's an awful situation. But it seems temporary. they go on to the next stolen email in a week or so. sigh
Re: Spoof/Spam emails on Mac
The fact of spammers using your email address to spoof their identity has nothing at all to do with which brand of computer you use. They get the addresses from the internet, either by using bot programs to scan web pages and Usenet groups for them, or by simply generating random address strings until they hit on one that works. It's the same when they send email. They use programs to generate random user names and then tag them in front of domain names they've harvested or learned from lists other spammers have collected. The idea that macs are somehow immune to problems that affect PCs is purely an advertising ploy on the part of Apple. Apple certainly cannot guarantee that you will not receive spam, or stop spammers from sending mail to or spoofing addresses from one of their internet mail servers.
same happened to me
It is really annoying and there is not much I could do to stop this except for cancel the 'catch all' rule on my site
Sent to my Email addresses
What if they have sent an email from my email account to everyone in my address book? Only realised when some were undeliverable. Apparently I am recommending a website for electronics in China!
Same thing
Same thing happened to me yesterday. Is there really nothing that can be done?
Spammer accessing friends' addresses from addressbook
The same has just happened to my workmate and she's distraught. She's emailed Hotmail and informed them but not heard anything back yet. This chinese website have sent their details out to everybody in her address book as well as lots of other companies/individuals. She's also getting postmaster 'undeliverable mail' messages back.
Does anybody know how she can stop this and make her email address secure again? Any help would be gratefully received.
Arrgh, They have my wifes
Arrgh,
They have my wifes email and it driving her nuts.