What can I do about an email address on my domain being spoofed? I know its really easy to spoof an address but how can I stop somebody from doing it?
I've been getting undeliverable messages for the past few months now, all ended up in my spam folder but I've only now started looking at them. It seems somebody is spoofing a random email address on my domain in order to send spam. I'm now worried about my domain being blacklisted because of this.
Example of returned mail:
A first I thought it might be spyware that had hijacked one of my home PC's but thats unlikely as they're all pretty well locked down. Then I noticed they all seem to be coming from a SquirrelMail client (v1.4.3a).
Is there anything at all I can do about this?
Thanks,
Andrew
I've been getting undeliverable messages for the past few months now, all ended up in my spam folder but I've only now started looking at them. It seems somebody is spoofing a random email address on my domain in order to send spam. I'm now worried about my domain being blacklisted because of this.
Example of returned mail:
Code:
Received: from anchor-fallback-93.mail.demon.net (194.217.242.93)
by mail.m****here.biz with SMTP; 6 Oct 2005 14:21:42 -0000
Received-SPF: none (mail.m****here.biz: domain at anchor-fallback-93.mail.demon.net does not designate permitted sender hosts)
identity=mailfrom; client-ip=194.217.242.93;
Received: from lon1-relay-2.mail.demon.net ([194.217.242.209]:44750 "EHLO
relay-2.mail.demon.net") by anchor-fallback-93.mail.demon.net
with ESMTP id S1867352AbVIVEsx (ORCPT
<rfc822;aquachi@**mydomain**.co.uk>); Thu, 22 Sep 2005 05:48:53 +0100
Received: by relay-2.mail.demon.net with local id 1EIJ0u-0003hd-LG
for aquachi@**mydomain**.co.uk; Thu, 22 Sep 2005 04:48:52 +0000
X-Failed-Recipients: [email protected]
Auto-Submitted: auto-generated
From: Mail Delivery System <[email protected]>
To: aquachi@**mydomain**.co.uk
Subject: Mail delivery failed: returning message to sender
Message-Id: <[email protected]>
Date: Thu, 22 Sep 2005 04:48:52 +0000
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[email protected]
SMTP error from remote mailer after RCPT TO:<[email protected]>:
host relay.star.co.uk [62.231.131.195]: 550 Invalid recipient <[email protected]> (#5.1.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <aquachi@**mydomain**.co.uk>
Received: from [221.162.63.103] (helo=bayareamailboxes.com)
by relay-2.mail.demon.net with smtp id 1EIJ0t-0003ft-Fs
for [email protected]; Thu, 22 Sep 2005 04:48:51 +0000
Received: from 194.1.215.2
(SquirrelMail authenticated user aquachi@**mydomain**.co.uk);
by bayareamailboxes.com with HTTP id J87Gz058222265;
Thu, 22 Sep 2005 04:44:03 +0000
Message-Id: <[email protected]>
Date: Thu, 22 Sep 2005 04:44:03 +0000
Subject: Suprise for your woman...
From: "Nydia Finley" <aquachi@**mydomain**.co.uk>
To: [email protected]
User-Agent: SquirrelMail/1.4.3a
X-Mailer: SquirrelMail/1.4.3a
MIME-Version: 1.0
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
<html>
Cialis Soft Tabs: perfect feeling of being men again.<br>
Starts working within just 15 minutes.<br><br>
SOFT TABS:<br>
<a href="http://cejmaghkbf.flatbless.biz/?dilbfxssrycejmzctaghk"><b>Info Site</b></a><br><br>
You take a candy and get hard rock ohZerectionSpamion.<br>
This is not miracle. This is just Soft Tabs.<br>
</html>
A first I thought it might be spyware that had hijacked one of my home PC's but thats unlikely as they're all pretty well locked down. Then I noticed they all seem to be coming from a SquirrelMail client (v1.4.3a).
Is there anything at all I can do about this?
Thanks,
Andrew