Web Hosting Talk






PDA

View Full Version : Any Ideas about how to block this sort of spamming

Stew
04-24-2002, 06:16 AM
Some mob in Russia are sending out mass emails which appear to come from one of my sites.
the url is motocrossdirect.com and the emails are from
dctsyfnre@motocrossdirect.com etc.

The email is some advert for a mass emailer.

Anyway, I'm getting all the returned undeliverable emails.

Is there any way I can stop this. or anything I can do about it.
They are not emailing via my server, at least not that I know of, just hijacking my domain name.

Thanks
Stew
cperciva
04-24-2002, 07:52 AM
If they're in Russia, there's not much you can do. There have been several cases in the US and Europe where people have won lawsuits against spammers who have used their domain names -- usually this is counted as fraud, in one case as libel -- but I doubt you'll have much luck getting charges laid in Russia.

You could complain to their upstream ISP... even "spam-friendly" ISPs sometimes balk at supporting fraud.
Stew
04-24-2002, 07:57 AM
thanks for the reply, how would I find out who their ISP is then?
Any suggestions?
cperciva
04-24-2002, 08:05 AM
Look at the mail headers -- I'm sure there will be a copy of the full headers somewhere amid all the bounces -- and traceroute (tracert if you run windows) the IP address which the mail is being sent from.
Stew
04-24-2002, 08:07 AM
Thanks for taking the time to respond, I'm on the case.
rockman
05-05-2002, 08:43 PM
Here's how to block a particular sender if you're not using Cpanel (which does not use procmail):
-------------------------------------
To reject mail from a particular e-mail address [in this example,
email@sender.com] to a domain on your server [in this example, recipient.com] do the following:

1. SSH to the server.

2. Generate a ".rc.local.init" script in the /home/username/domain-mail directory, i.e.,
/home/username/recipient-mail/.rc.local.init

by entering this line:

:0
* ^From.*email@sender.com
/dev/null

The file ".rc.local.init" should already called by ".procmailrc" in most standard mail configurations, so everything is set up at this point. After adding this code, any mail sent to the "recipient.com" domain from "email@sender.com" would be deleted and not delivered to any mailbox in the "recipient.com" domain.

You can also place a complaint by visiting:
http://spamcop.com/

Hope this helps.
webx
05-07-2002, 03:12 PM
That's www.spamcop.net actually :cool:
Pingu
05-09-2002, 07:05 PM
I'm using spamcop, just about two dozen times a week.
And all for the same spam source. The domainname changes, the source of the spam changes, from one isp to another and back again, but the spam keeps coming. Whoever these iditos are, they seem to have a wealth of ISP accounts and don't care about losing one or two every week.

Apparently it pays more then enough to spam, so no, unless you block them manually, each time, you'll never get rid of such nonsense.