While getting spam is bad enough... it is infuriating to get one from someone using your own email address (appearing as being from me to me). While it seems doubtful they'd ever use mine to spam others (they wouldn't receive a response, I would)... what alternatives exist other than blocking my own address? Can these impersonating perpetrators be traced?

One of the things that can help is adding an SPF record to the domain, when they spoof your email/domain the SPF should fail or at least return neutral and you can have your spam/content filters handle it accordingly. The SPF record basically tells a receiving mail server where are the legitimate sources of email from your domain (so a HostMySite server would be a valid place, while a random server in Russia would not be).

You can ask support for the default record, or you can make your own to be added here http://old.openspf.org/wizard.html

thank you Connie

If you are receiving the 40% or 70% off emails from your own email address, as most are nowadays, I know postini is blocking them. SPF records are good, however if they aren't configured properly they can cause problems. Postini has been great in stopping all spam, including spam where they spoof your from address.

Spammers spoof your from address and send you email to confuse you into reading it, and to help bypass mail filters. When they spoof your from address and send the mail to others it is because they don't want to receive the several thousand bounceback messages which would now goto you.

If you have any problems let us know by sending a ticket to support@hostmysite.com

Actually, a bigger concern should be if someone is using your email address to spam you, then they're likely using it to spam others. This would explain all the 'undelivered email' notices. While at first I didn't see how doing this would benefit them, believing I'd be getting the responses (for an 'order' say), not the spammer, they could insert a link (to them) within the text portion.

This would eventually amount to yours and my email addresses being blocked by countless recipients, 'ruining them' in effect for legitimate purposes. Their tactic seems to be... having exhausted their own email addresses, find and use good email addresses (yours/mine) until they're blocked then find more.

Isn't this possible (or the case)?

I think email systems should be set-up whereby people are only allotted one email address and make it impossible to use another. As for businesses, one email address for each department or department section. Furthermore, all held responsible for it.

Actually a lot of spammers simply use their scripts to set the FROM address to be the same as the TO address, or at least in the same domain. However if you are getting non-delivery reports for messages you didn't send then they are likely to be using it to send spam.

Most ISP's do not block domains because of the FROM address sending them spam. They know how simple it is to send spam with anyones email address. In mail scripts you simply type in whatever you want to be the FROM address or use a variable to make the FROM address and TO address the same. Spammers mainly do this so that they don't get the countless bounceback messaages that come from sending millions of emails.

I wouldn't be too worried about a spammer sending you spam messages with your email address or domain in the FROM address as it is a tactic they use to confuse users into opening and reading. If a spammer is using you email address to send spam you will be getting a few hundred/thousand non-delivery reports. If this is the case there is not much that can really be done to 'prevent' them from using it. SMTP was not designed to 'stop' this from happening as it never predicted it would be as big of a problem as it has become. You can add an SPF record to your DNS Zone which helps let receiving mailservers know what the authoritative IP addresses are for your domains mail. You can read about SPF records at openspf.org. In our shared environment we will need to assist you because we have outbound gateway servers which over 50 IP addresses alloted to them. If you contact us about an SPF record please let us know if you have a website that sends mail at all and does not have a REMOTE HOST set (means it comes directly from the server), ifyou have a blackberry (blackberry uses their own mail servers which would have to be included), any third party mail systems for things such as list servers, one of our list servers, and ensure that you have the outbound SMTP server set in your mail clients to be our servers here and not your local ISP's for all of your computers that send mail with your domain.

Thank you Ray, I'll be checking out openspf.org. I use Yahoo mail exclusively to send email... but only a couple a day (don't do bulk email or newsletters). So far, I'm only getting about 2 dozen 'undelivered notices' a day so I guess it isn't too bad yet.

Just yesterday I got the following kickback email I DID NOT SEND which. as suspected, used my email with a link to the spammer embedded in the text:



(the jerk)

yeah..thats spoofing when you get the bouncebacks..I would complain to the host(s) of the spamvertized domain about the spam. It is likely they don't even know it and are perhaps compromised in some way.

bigredheep.com is registered to Low Voltage Solutions LLC

HRNOC.NET (their DNS servers domain) is hostrocket.com
OrgAbuseEmail: john@hostrocket.com 866-519-7079


bigredheep.com/sif redirects to shoesgucci21.com

http://network-tools.com/default.asp?prog=whois&host=shoesgucci21.com

They are hosting their website in the APNIC network
http://network-tools.com/default.asp?prog=network&host=shoesgucci21.com

(good luck..likely to get a 'mailbox full' error when sending an email to their abuse desk)

For your SPF record see if Yahoo has an SPF record that you can simple reference in the 'include' part of the record.

Ah... great!! Very nice, thank you for your trouble.

I sent my complaint... we'll see what happens.

On a related matter, in checking to see if hosting outfits have an association (representation as an industry), I'm told none exist. It seems to me an association could handle alot of these type problems by setting standards. Policing themselves would be better than having Big Brother involved. The idea being... membership would indicate responsibility whereas non-members would likely be seen as sponsoring spammers. Responsible website owners would then likely shun those hosting companies. It would be a great marketing tool for the good guys.

Anyway, something needs to be done. This B.S. is surely ruining the Internet experience for almost everyone. We have more important things to do than tracking down spammers one by one.

most only have abuse desks...some places we have contacts with, but theres no general place to go and make complaints. Larger companies would see it as an unnecessary expense..Actually theres a thread about 'abuse complaints' and how they should be handled in the NANOG communities mailing lists. Most companies don't even reply to abuse complaints. Unfortunately in a staring contest..who would blink first..a small ISP blocking Yahoo! for not handling abuse complaints quickly/effectively/at all or Yahoo? Now if AOL starts blocking Yahoo or Gmail starts blocking Yahoo then maybe something would get done...but theres nothing really setup for hosts to complain to other hosts other then abuse@domain.com.

I think something revolutionary is bound to happen with how the Internet operates. It may become more a conglomeration of Intranet systems similar to AOL (each with their own rules). The Internet has the same atmosphere of the Old West, of lawlessness, and is destined to be tamed.

Abraham Lincoln once said "Nearly all men can stand adversity, but if you want to test a man's character, give him power."

As it applies today (the Internet), we could also add "if you want to test a man's character, give him anonymity"