spam being sent using my domain

Doran Barton fozz at iodynamics.com
Thu Jan 18 22:04:13 MST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Derek Davis wrote:
> Thanks.  I'd hate for people to think that I've turned into a spammer.

A common tactic for spammers is to send e-mail through an open relay using
the From: address of a completely arbitrary e-mail address like
skjshdf at dnadavis.net. If and when this e-mail bounces, where does the bounce
notification go? In this case, it goes to you.

What can you do about this? Not much, really.

What can be done about it? Frameworks like Sender-ID and SPF have made some
progress. SMTP servers use these methods to verify a message is coming from a
valid relay for your domain. For example, if e-mail purporting to be from
skjshdf at dnadavis.net comes through some comcast.net address and the SPF
record for dnadavis.net says only the IP 216.163.188.58 is a valid relay for
the domain, a SPF-enabled SMTP server will know to reject the message.

Unfortunately, until the whole world standardizes on some kind of relay
validation system there will always be some spam that seeps out disguised as
being from someone at your domain.

- --
Doran L. Barton <fozz at iodynamics.com>
http://www.iodynamics.com/ - IT and Web services, open source specialists
 "The manager has personally passed all the water served here."
    -- Seen in an Acapulco hotel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFsFFNfSztmbgzr0ERAkxPAJ9sLh/t5cmn+bxC5lZ4v+HWdVDN4QCeM4Bd
s2x9HzF0fXj1wTOrA/JSc/A=
=mt5L
-----END PGP SIGNATURE-----



More information about the PLUG mailing list