spam being sent using my domain

Jonathan Duncan jonathan at bluesunhosting.com
Thu Jan 18 22:03:06 MST 2007


On Thu, 18 Jan 2007, Derek Davis wrote:

> I own the domain name dnadavis.net.  I set up a catch all mx entry, so
> that all email that I don't specifically account for gets forwarded to
> my gmail address.  This way, I can make up email addresses on the
> spot, which I like doing.  Like using oldnavy at dnadavis.net if I shop
> at Old Navy, so I know if they sell my email address to spammers. :)
> I have my home computer set up with postfix, but it's not configured
> for receiving mail.  At least not intentionally.  Recently, I started
> periodically receiving bounced or rejected messages, maybe 1 or 2 per
> week.  However, I didn't send out those messages, I don't know the
> intended recipient, and they are spam.  I looked through
> /var/log/messages, and I didn't see any entries that looked like these
> messages were sent from here, but I don't know where else to look.
> So, here are my questions:
>
> 1) How can I determine if people are relaying spam through my machine?
> If they are, I think I can wade through the postfix config and figure
> out how to stop it.  Any other suggestions?
> 2) If they aren't, but they are just sending mail spoofing my domain,
> what can I do about it?  What should I do?
>
> Thanks.  I'd hate for people to think that I've turned into a spammer.
>


All too common occurrence and one that has been plaguing the Internet for a 
while.  Some call it being "Joe Jobbed".  What has happened is that 
someone sent a spam message and put your address (one of the infinite 
number that are available on your domain) in their From field.  So there 
was no relaying whatsoever.  It is really easy to do.  I could send mail 
and have it look like I was sending mail from the White House (unless you 
know what to look for in the headers).

Anyway, what can you do?  Join the ranks of the anti-spammers and help 
find a solution.  Spam filters are not solutions, they are band-aids.

One thing you can do is to add an SPF record to your DNS table for your 
domain name.  (http://www.openspf.org/)

Cross your fingers that some email genius comes up with an SMTP2 or some 
nice magic silver bullet.

Jonathan
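
As an added example (not part of the original post), one way to answer question 1 from a bounce itself: pull the returned message out of it and check whether any Received hop is your own machine. The host name, IP address and sample bounce are constructed assumptions.

```python
import email
import re
# Assumed identity of the home Postfix machine (hypothetical values, not from the thread).
MY_HOSTS = {"home.dnadavis.net"}
MY_IPS = {"203.0.113.25"}

# Constructed bounce: the rejected spam comes back attached as message/rfc822.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.org
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

User unknown.
--b1
Content-Type: message/rfc822

Received: from pc-17.example.net (pc-17.example.net [198.51.100.77])
\tby mx.example.org with SMTP id abc123; Thu, 18 Jan 2007 10:00:00 -0700
From: oldnavy@dnadavis.net

body
--b1--
"""

# Postfix-style "from HELO (rdns [ip])". The HELO name is sender-chosen, so it is ignored.
RECEIVED_RE = re.compile(r"from\s+\S+\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")

def returned_message(bounce_text):
    """Return the original message carried inside the bounce, or None."""
    msg = email.message_from_string(bounce_text)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_payload())
    return None

def classify(bounce_text):
    """'relayed' if a Received hop is our machine, 'spoofed' if none is, else 'unknown'."""
    original = returned_message(bounce_text)
    if original is None:
        return "unknown"
    for header in original.get_all("Received", []):
        m = RECEIVED_RE.search(" ".join(header.split()))
        if m and (m.group(1) in MY_HOSTS or m.group(2) in MY_IPS):
            return "relayed"
    return "spoofed"
```

Received lines below the first server you trust can be forged, so treat a "relayed" result as a prompt to look for that message in the Postfix mail log rather than as proof.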


