Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Spammers Hijacking My Domain Name

TW Atwater (1145245) writes | more than 6 years ago

Spam 1

TW Atwater writes "My wife and I run a small Mom and Pop business and we have a website and email accounts. I set up a catch-all account to trap misaddressed messages. It also works well for one-shot submissions to sites that demand an email address.

Now, for the second time my catch-all email account was flooded this morning with notices of rejections and undeliverable email from dozens of ISPs. In every case the rejected email was from a non-existent account. The headers indicate the origin of these emails is in Poland, and (no surprises here) the subject is Viagra.

Aside from the feeling of having been violated, I worry that if this happens often enough I may find my domain blocked as a SPAM source. Also, I will eventually have to explain to clients that we are not advertising Viagra.

I've run nmap on my router and computer and am confident that the messages are not being run through my box. My hosting is with GoDaddy.

The question for Slashdot is how can I protect myself from having my domain name hijacked by SPAMMERS? Is there anything that can be done about the nitwit ISPs who don't bother to check if the SPAM actually came from the domain in the return address before they contribute to the useless information cluttering up the internet?

Thanks, Slashdot.

My signature is missing."

cancel ×

1 comment

Sorry! There are no comments related to the filter you selected.

Catch all doesn't work any more. (0)

Anonymous Coward | more than 6 years ago | (#21573433)

It's very simple. You're going to have to ditch that catch all address. They just don't work any more, for precisely this reason.

Nitwit ISPs that bounce spam back to the spoofed sending address are just that -- nitwits. There aren't actually all that many of them now; most ISPs do act sensibly on this issue these days, but if you've got a catch-all address and someone sends out a million spams using your domain, you are gonna get a load of bounces.

The ISPs that do send still bounces aren't going to change just because you kick up a fuss. They'll just tell you to ditch the catch-all address just like I have.

Your domain won't get blacklisted because spammers are using it; the blacklist organisations are much more sophisticated than that. This happens all the time to any number of domains, so there'd be a lot of blacklisted companies if they worked like that. You may get some very uninformed individuals thinking you're sending spam, but there aren't many people these days who'll be fooled into thinking it was you that sent it.

So no, I wouldn't worry about it. Do what you can to stop it causing you problems at your end -- including getting rid of the catch-all address -- and forget about it.

SMTP Email is a broken protocol. It was designed in the days when no-one anticipated the kind of abuse it's being subjected to now. The only way this issue will be actually solved will be if SMTP is replaced entirely with a more trust-worthy protocol. Until then, we can all fight our own bit of the fight, but we can't stop spammers from sending junk in our names.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>