
·
Registered
Joined
·
3,664 Posts
Discussion Starter #1
Well, it seems some dirtbag spammer has decided to pretend to be sending out spam from my domain (sonicdestruction.org) for some reason or another...

I've been getting returned e-mails from spam filters all day addressed from various addresses @sonicdestruction.org. Anyone ever had this happen to them? I'm working on trying to figure out where they came from through the headers, but for all I know the headers are forged anyway.
 

·
Registered
Joined
·
12,193 Posts
Could be he's using your SMTP server to send them. I'd take it offline. You could get blacklisted if people complain to your provider.
 

·
Registered
Joined
·
3,664 Posts
Discussion Starter #3
transio said:
Could be he's using your SMTP server to send them.
No.

It's not an issue with any of my servers. The issue is that they are sending spam "from" sonicdestruction.org addresses which don't really exist. I'm getting the returned e-mails because I have a default mapping that forwards anything coming to any address @sonicdestruction.org which doesn't exist to an alternate e-mail address.
 

·
Registered
Joined
·
3,664 Posts
Discussion Starter #4
As is usually the case, the administrative contacts on the domains associated with the spam are all BS. The phone numbers listed go to some random office building in TX.

IPs are owned by APNIC - I e-mailed their abuse addresses about it, but I doubt I'll get a response from that.
 

·
Registered
Joined
·
1,579 Posts
MikeAR303 said:
I've been getting returned e-mails from spam filters all day addressed from various addresses @sonicdestruction.org. Anyone ever had this happen to them?
Sure, all the time. I get tons of returns from spam and virus filters. Once they have your address as a spam target, it will also be used as a fake sender. E-mail has really become more and more of a pain over the years; even after filtering, my inbox is probably 95% spam.
 

·
insert clever title here
Joined
·
7,702 Posts
What you describe has become very common. I had a catch-all email address set up for a couple of my domains, and was receiving similar emails, being bounced back to email addresses that I knew for a fact did not exist on my domains. I solved this problem by reconfiguring the catch-all email address to instead bounce emails that don't match a valid email address.

The cause of this is a virus on someone's computer somewhere. In my case, all the emails originated from the same IP address, belonging to a computer user in Littleton, CO. I tried contacting the abuse department of the ISP associated with that IP address but never received any response.

I don't think there's any way to prevent this, just ways to cope with the result.
 

·
Registered
Joined
·
3,664 Posts
Discussion Starter #7
MattG said:
What you describe has become very common. I had a catch-all email address set up for a couple of my domains, and was receiving similar emails, being bounced back to email addresses that I knew for a fact did not exist on my domains. I solved this problem by reconfiguring the catch-all email address to instead bounce emails that don't match a valid email address.

The cause of this is a virus on someone's computer somewhere. In my case, all the emails originated from the same IP address, belonging to a computer user in Littleton, CO. I tried contacting the abuse department of the ISP associated with that IP address but never received any response.

I don't think there's any way to prevent this, just ways to cope with the result.
I've already set up the bounce as of today... and I'm very familiar with the virus situation (one of my family members is very computer illiterate and constantly causes this problem by not keeping his virus software up to date and being gullible enough to click on those "special games" that his "friends" send him). I don't think that's the case in this situation as these e-mails look to be "legitimate spam" (if there is such a thing) for some online pharmacy scam.

My main concern with this is that my domain name could get blacklisted and added to a lot of people's spam filters because of these f**king scumbags :mad:
 

·
insert clever title here
Joined
·
7,702 Posts
Interesting - in my case it was the virus trying to replicate (I think), not legit spam. Can you trace it to an IP address via the message headers?
 

·
Registered
Joined
·
3,664 Posts
Discussion Starter #9
MattG said:
Interesting - in my case it was the virus trying to replicate (I think), not legit spam. Can you trace it to an IP address via the message headers?
I've seen the virus situation a few times - once I actually had some company try to sue me because their admin was computer illiterate and didn't understand that the virus was only pretending to be from my address even after I sent him a link to an article about it.

I can get it down to an IP via the headers, but it's pretty much useless as the IPs could be spoofed and if they aren't, they just go back to an address range in China as is usually the case with spam anyway. Good luck trying to tell a Chinese ISP that their subscribers are doing something wrong.
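
Added example, not written by anyone in this thread: a sketch of tracing a returned message through its headers, as discussed above. It pulls the original message out of a bounce and reports only the IP recorded by a relay you have reason to trust (here, the server that generated the bounce), since every Received header below that point was supplied by the sender and may be forged. The bounce text, host names and IPs are constructed, and `trusted_hosts` is an assumption you fill in yourself.

```python
import email
import re
from email import policy

# Constructed bounce for illustration; hosts and IPs are documentation values.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="B"

--B
Content-Type: text/plain

User unknown.
--B
Content-Type: message/rfc822

Received: from mail.example.com (unknown [203.0.113.77])
 by mx.example.net with SMTP; Mon, 1 Jan 2007 10:00:00 +0000
Received: from example.org ([192.0.2.10])
 by mail.example.com with SMTP; Mon, 1 Jan 2007 09:59:00 +0000
From: nobody@example.org

body
--B--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+([\w.-]+)", re.I)

def original_message(raw_bounce):
    """Return the returned message embedded in a bounce, or None."""
    bounce = email.message_from_string(raw_bounce, policy=policy.default)
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def handoff_ip(msg, trusted_hosts):
    """IP that connected to the oldest relay we trust. Headers are read
    newest first; below the first untrusted 'by' host they may be forged."""
    found = None
    for hdr in msg.get_all("Received", []):
        by = BY_RE.search(str(hdr))
        if not by or by.group(1).lower() not in trusted_hosts:
            break
        ip = IP_RE.search(str(hdr))
        found = ip.group(1) if ip else found
    return found
```

With only the bouncing server trusted, the result is the address that actually connected to it; the older header naming the spoofed domain is ignored.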
 