Spammers using my mail server!

W

Wayhome

Guppy
Over the last couple of days, I have received hundreds of "undeliverable" messages from all over the place because someone is using my domain name as part of their return address. For example, a return address may be something like [email protected]. Even though I don't have a mailbox named dfsrdf, my catch all box still gets the post.

How can I prevent this from happening without losing the benefit of a catch all? The return addresses are too many and varied to put in a spam list.

Thanks!
...Wayhome
 
The spammers are probably not actually using your mail server. Viruses and spammers can easily send an e-mail from anywhere and simply put [email protected] as the reply-to and from addresses. The To: addresses are also made up so many of them are invalid which is why you are getting undeliverables back to you.

My suggestion would be to not use the catch-all. Just make aliases for common addresses that you actually want to get mail for (like admin, abuse, sales, etc.) That should save you some hassle with all the junk.
 
You could try setting up a mailbox for that specific name and discarding all incoming mail for that mailbox.
Not using a catchall would be better though, you avoid some spam, and many of the replies you're getting now are flat out refused, saving you email traffic.
 
Wayhome said:
How can I prevent this from happening without losing the benefit of a catch all?
Click to expand...

I had the same problem by a jerk Brazilian spammer
that was using my server to advertize the following
domain names:

SPAMMER: www.vendasvip.com (vendasvip)
SPAMMER: www.business-br.com
SPAMMER: www.colinread.com
SPAMMER: www.videosgls.com
SPAMMER: www.glsfilmes.com
SPAMMER: www.maioresinformacoes.com
SPAMMER: rbnserver.com.br

All these domains (maybe more) are owned by the
same crook. I tracked down the IP to 200.211.4.189
and the ISP to [email protected] and then reported
him w/o any luck. Tried it all spamcop, [email protected], fbi,
domain registrar and nothing worked. If you want
catchall (like me) then we are stuck getting abused by
these jerks. Now that there is a lot of "phishing" bank
and credit card scams poping up mybe the govenment will
do something about it. I empathize completely and have
the same frustration and hop somday thesethese criminals
are punished for their scams.

hatespammers
 
This moron continues to send out SPAM ads for
SCAM: www. vendasvip .com
SCAM: www. business-br .com
SCAM: www. colinread .com
SCAM: www. videosgls .com
SCAM: www. glsfilmes .com
SCAM: www. maioresinformacoes .com
SCAM: www. informacoesonline .com
SCAM: www. festinhasbrasil .com
I report every single bounce to spamcop. I have also
checked this jerk out and he has defrauded several
people. They were charged but never received
anything. What a jerk!! How long will it
take for people to learn that spammers are crooks
and that you should never buy anything from them ?

http://www.idec.org.br/forumler.asp?id=2309
http://www.joewein.de/sw/spam-bl-v.htm
 
"Phake Websites"

Email Phishing has been replaced with a much more profitable scam: "Phake Websites" Here is how it works: crooks send out SPAM Emails with reasonable looking offers and pointing to what looks like a real website with real products (example: videosgls, glsfilmes, maisrenda, maioresinformacoes, festinhasbrasil, vipfilmes, informacoesonline, etc). The "scam" site is just a front for collecting credit card an bank account numbers. One a few are collected the crook disappears without a trace. What will these crooks think of next ?
 
The main problem is that big corporations and pharmaceutical dealers won't crack down on people who abuse their affiliate programs because it's making them money. For instance, I tracked down a spammer once and it was easy. I got a ton of those undeliverables, and I looked inside to see that the guy was getting people to sign up for new car quotes. So I replied with a phony name and info. 3 days later I got a call from the local dealership and explained what I had done. They told me they got my info from car.com so I called them. They actually had an employee whose only job was to fight spam. So I told her about the spammer and through the emails she could easily tell the affiliate ID number. BUT THEN, she contacted teh affiliate and he of course denied any wrongdoing. And because he took down the bogus site that was collecting the info she took his word over mine. Throughout the whole process it was clear that car.com was protecting it's money-makers without regard for how they collected people's info.

But really when you think about it it would be easy to track a spammer if they weren't protected by big businesses. All you have to do is pay with a credit card for their service, then follow the trail backwards....following the money. Just like drug trade, no one will ever shut that down either because too many big businessmen are behind it. :))

I guess this doesn't help anyone, I just thought I'd vent and kill time until 24x7 Jodohost outsourced reseller support comes online. :D hee hee

-Brad
 
We should all come together and create an underground force to fight spam and become so distinguished that when spammers hear our name they shart a little in their pants. We can be like modern day superheros! I want to be Anti-Spamboy with a cape and some tights. Well maybe not tights but I definately want to wear a cape when we're fighting spam! A cape, some speedos, my magic bicycle helmet and a pair of tube socks with the two colored lines. That'll be my superhero outfit...
 
Well I kinda wanted to stay away from tights or spandex cause the last time I was a superhero, they would really interfere with my jumping spider ninja back kick. I like the logo idea though, think I'll use that. What are you going to wear and what's your name gonna be?
 
Tracked down the follwoing domain names of the jerk abusing my domina name. Contacted theirs web hosting company/ISP ( via: [email protected] ) and they said they will not do anythin because they are a legit site. Searched Google and found dozens of PHISHING complains about this crook. If the authorities were more agressive against these
webhosters maybe the SPAM would eventually die off, but with so many webhosters.

SCAM DOMAIN OWNED BY SAME CROOK USING IP: 200.211.4.130
adamsmorris.com
banksmccoy.com
blairrowe.info
frenchroy.info
garzalittle.info
glovertodd.info
halllopez.com
harrisclark.com
haynessantiago.info
kellerbarber.info
nicholsonmonroe.info
owenwong.info
sotohorton.info

SCAM DOMAIN OWNED BY SAME CROOK USING IP: 200.211.4.189
abscissae.com
aprenda.tocar.nom.br
aumenteseusrendimentos.com
bixkla4.info
business-br.com
cdgserver.com.br
colinread.com
festinhasuniversitarias.com
glsbrasil.com
glsfilmes.com
jfdsioe.info
lmnc84s.info
maisrenda.com
nrknvt.info
radewq54sd.info
rendaalternativa.com
rendacar.com
rendaxxx.com
sexofilmes.com
stcvip.net
sucessovip.com
vendasvip.com
video.concursos.nom.br
vocemerecemais.com
webgatas.com
avisligh.com
bixkla4.info
jfdsioe.info
lmnc84s.info
nrknvt.info
radewq54sd.info
wqeryty.info
xfilmes.com

Routing details for 200.211.4.130
Using abuse net on [email protected]
abuse net nic.br = [email protected], [email protected], [email protected]
Using best contacts [email protected] [email protected] [email protected]
[email protected] redirects to [email protected]
I refuse to bother [email protected]

Parsing input: 200.211.4.189
host 200.211.4.189 (getting name) no name
Routing details for 200.211.4.189
Using smaller IP block (/ 30 vs. / 9 )
Removing 2 larger (> / 30 ) route(s) from cache
[refresh/show] Cached whois for 200.211.4.189 : [email protected]
Using abuse net on [email protected]
abuse net embratel.net.br = [email protected]
Using best contacts [email protected]
 
You must log in or register to reply here.
Back
Top