Completely OT Spam Attack?

Checked my e-mail when I got in & received 300 + messages, most of which were dumped by Norton into the Spam folder.

Apart from the usual 'increase the size of your willy' & 'we need your bank details' Spam the majority were some form of message delivery failure, a few were failures to postings on yahoo groups.

About half were apparently messages from my blueyonder address & the rest from weird names @medwayhandyman. Some were 'I'm out of the office' auto replies. None of the apparent failures are names in my address book.

Any idea whats going on here?

Can I limit the xxx@medwayhandyman variations?

Reply to
The Medway Handyman
Loading thread data ...

Someone has spoofed your email address and is sending spam to other people pertending to be you. It's unlikely to be a virus or security breach. Have a read here

formatting link
Can I limit the xxx@medwayhandyman variations?

If you mean that you'd like to restrict the email addresses that you receive mail on (such that you don't receive emails addressed to randomaddress@medwayhandyman) then you need to ensure that your email-catch-all is turned off. I hope your hosting company have an easily navigable email management system.

Have a look at

formatting link
I'm not afiliated to this company in any way other than being a satisfied customer. Reporting spam is free and just requires registration. There's some satisfaction in having spammers reported and the sites that they promote shut down.

Regards Stuart

Reply to
Stuart Kenny

messagenews:SSnYi.248811$ snipped-for-privacy@fe2.news.blueyonder.co.uk...

The good news is that these 'attacks' (which are not directed at you btw, just using your domain as a sending address) almost always die down quite quickly. It's not in the spammers interest to keep using the same sending domain as this will quickly be added to the recipients blocked lists. I usually say to customers that at worst it could last a couple of weeks, but often it's only a few days. If it's really bad (and 300+ rejections is not really bad) then the domain can end up on some of the black lists operated by the spam cleaning companies. You'll know this has happened if your emails start getting bounced.

All spam is a pain in the a**se but I tend to regard anything below a couple of hundred a day as fairly light. Worst I've seen to date is

81,000 in one weekend - and at that stage you just bin the domain and start again.

Simon

Reply to
Bitstreams

It's just some spammer using your address in the from field to disguise the messages true origin. Some are being bounced back because the mail address they were sent to does not exist, other have got through but have auto-generated an out of office reply. There is not much you can do about it, what you are seeing is the part of the spam run that didn't get through, the rest will probably have gone into someones junk filter and been ignored.

Reply to
djc

What i do is filter the genuine name@mydomain mails into appropriate folders and then put everything else into a junk folder, which I occasionally examine to make sure my filtering is working ok.

FWIW I'm using mozilla mail.

Reply to
John Stumbles

I pay my ISP (Clara) ~£20 a year to filter it out for me. What's spam?

Owain

Reply to
Owain

.... comes with chips, eggs and more spam.

Bloody Vikings.

Reply to
Andy Hall

Someone has been using your addresses to SEND messages AS.

To get around the 'its not valid sender so reject it' spam filters.

Depending on your ISP's mail thing, you may be able to configure your mail server to only respond to ONE address at your domain.

That will shut off the flow

Reply to
The Natural Philosopher

I do hope you are talking about at least two domains for that price

Reply to
geoff

Clara are not cheap,but mostly everything works, especially the news server, and they don't tie you up with many restrictions.

Reply to
The Natural Philosopher

Before I started living behind several layers of antispam, I was getting several thousand an hour.

We reject some 12,000,000 a day at work.

Reply to
Huge

As other have said, it is probably someone cloning your address, although you need to look at the message headers to be sure. They will tell you where the message actually originated - probably somewhere ending .ru If the messages were actually sent from your machine, you need to improve your firewall and run an anti-virus programme. I use Avira as it annoys me less than Nortons.

If you are only getting 300 messages a day, Inboxer

formatting link
is good and IMO much better than Nortons at getting the filtering right.

We have but that is something I sub out to one of my ISPs - a bloke called Dave - and we run an email server. He also runs software that stops most of the spam at the servers. Having taken over a number of domains whose previous owners did not know how to create an email link that would not be picked up by robots, 300 spam emails a day would have been a quite day before Dave got to work.

Colin Bignell

Reply to
nightjar

Owain

Reply to
Owain

My address has also been cloned, not a problem from the point of view of what I receive. The big problem is that I have been blocked by addresses to which I wish to send, now that is a pain. I've set up a Yahoo mail address to send to those, so I can still keep in touch, but what a pain in the derrière.

Reply to
Broadback

ge

Do systems really still block based on sender addresses? For exactly the reasons discussed this is a foolish method given the amount of forged mail out there - it was acceptable in the '80s but not these days. Are you sure its your address that's being blocked and not some other element (e.g. the mail server you're sending via etc) of your mail?

Mathew

Reply to
Mathew Newton

Yes.

Or to be precise, many block on lack of valid sender address, which is why spammers are using the OPs.

For exactly

Reply to
The Natural Philosopher

I think you misunderstand. Broadback's address is 'valid' but he/she believes it to be being blocked as it has been spoofed in the past. Blocking e-mail based on the sender address (based on previously received e-mail supposedly from that address) is highly likely, if not a vitrual certainty, to result in false positives and is effectively vulnerable to a DOS attack.

Mathew

Reply to
Mathew Newton

I get a couple of hundred spams a day. Many spammers use my address as "from". To me, as a single user with a domain, this is an absolute black point - I don't mail myself, so it must be spam.

The backscatter does annoy me - these people saying "why did you send me spam?" - haven't they realised yet spam "from" addresses are *always* forged? (these too go straight in the bin)

I have ceased to record source addresses for blacklisting. They are not normally repeated.

Andy

Reply to
Andy Champ

I filter my own email locally using POPfile - works very well, with well over 99% accuracy - however, I do still scan quickly down the spam folder evry week just to check for anything tagged in error - just occasionally I get one.

My concern with letting the ISP filter my spam is that how do they know better than me which is spam and which isn't? Isn't there a reasonable risk of losing genuine mails for good that way?

David

Reply to
Lobster

There's a small risk. Demon use Brightmail which works by having dummy mailboxes which have *never* been used to send mail. The addresses are leaked to the spammers and any mail received by these boxes is spam. A hash generated from these mails is then used to flag similar mail received by Brightmail's customers.

Reply to
Huge

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.