Thursday, October 18, 2007

I've Been SPAM'd

I knew it was bound to happen eventually. Especially since buying my own domain name "" and using that email. It is actually my third email account (after hotmail and yahoo) and I have tried very hard to not get on spammer lists, but it was bound to happen.

A few days back I came home to find over 1000 emails in my account. All of them were bounce backs, i.e. returned to sender due to recipient unavailable. The sad part is not knowing how many thousands went out to valid emails with my email address in the from field.

Unfortunately anyone can forge an email header to make it say whatever they want. I contacted my GoDaddy to see what they offered for help and got the following response:

"These emails are the result of an e-mail spoofing exploit in which someone sends out spam emails that appear to be from an address other than the actual source. This is one of the easiest exploits to carry out, as the spammer can simply change the Reply To address in their e-mail application. Spammers often will use a random address from their spam list as the From address in their outgoing spam, which is likely how your domain and/or address originally became associated with this spam traffic."

"As an additional measure, you may wish to create an SPF Record for your domain. An SPF Record is a list of servers that are authorized to send email that has a return address based on your domain. If an incoming mail server is configured to check for this record, it will reject any email coming from a server that is not listed in the SPF record."

Unfortunately there is not much else to be done. I haven't noticed my email being blacklisted yet, but I'd imagine it will happen eventually. for now all of the "delivery failure" bouncebacks have stopped. I hope it doesn't happen again.

No comments: