Results 1 to 14 of 14
  1. #1
    Join Date
    Feb 2005
    Posts
    34

    How to stop people spamming from your own emaill address

    Hi does anyone know how to stop people spamming from your own emaill address. It said in my email the spam comes from my email address and i do not spam i do anything in that sort.

    MY email server is on redhat linux using Ensim. Could some one please tell me what to do.

    Thanks

  2. #2
    Join Date
    May 2000
    Posts
    486
    Bottom line is that you can't - SPF and all that jazz is supposed to prevent this in the future, but as of today - nothing you can do about it

  3. #3
    Join Date
    Dec 2004
    Location
    Butler,TN
    Posts
    2,413
    Hi!
    It's true. SPF does hold some hope for the future...but...right now...it is basically useless. To add to the problems...there are a few other "solutions" trying to do the same thing....no clear one "standard" effort.

    I personally have never had this problem...but I know it happens quite a bit. Do the spam people try to blacklist you? It seems like there should be a way...if they ever came calling...to prove it didn't come from you or your server. Reply to this message with more info...I would like to learn more about this....and might be able to help.

    Bryon

  4. #4
    Agreed; there's not that much one can do to prevent spoofing... Even though it can cause serious problems, like thousands of undelivered mail-errors in your mailbox, hosts not understanding the problem and blaming you etc etc

  5. #5
    Join Date
    Feb 2003
    Location
    L.A. C.A.
    Posts
    335
    You probably recieve alot fo spam also if this is happening?

  6. #6
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    There is unfortunately not a whole lot you can do about someone spoofing emails with your email address. Not only that but you might be getting a ton of MAILER-DAEMON@ messages from legitimate hosts who resceived the spoofers email. So now you are being DoS'd or DDoS'd.

    The only recourese you have, and this is way more complicated and usually just easier to ride out, is to try and track down where all the email is being sent from.

    More than likely it is from a number of different IP's in which case you are SOL again any way .

    Trust me however you are not alone in this matter. I've had this happen at two different places of employment. I am still dealing with one at the moment.
    Jacob Squires , CISSP

    security assesment, network analysis

  7. #7
    Join Date
    May 2005
    Posts
    61
    Hello,

    Check the maillog to find the message id of the rebound emails and check the data part and header part using the message id. You will get the ips. Blocking some 5 or 6 ips will solve the issue. Also have a look at the apache logs to find whether the spamming is done using the nobody user(using some kind of vulnerable scritps).

  8. #8
    Join Date
    Feb 2005
    Posts
    34

  9. #9
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    Technically I can send as [email protected]'t-own.com as long as I want. Many mail servers will block it but many will accept it. Unfortunatly like others have said there is little you can do. I generally just drop all emails not sent to a good address, though is it technically against the internet protocols it is much nicer in today of mass spamming.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service

  10. #10
    Join Date
    Feb 2005
    Posts
    34
    Hey eth00 how do i do it your way through sendmail?

  11. #11
    Join Date
    Feb 2003
    Location
    San Francisco, CA
    Posts
    190
    (post deleted, misread a previous one)
    Last edited by Yaroslav; 05-13-2005 at 08:48 AM.
    First Amendment of a webhost: if you fail to prepare, prepare to fail.

  12. #12
    Join Date
    Feb 2005
    Posts
    34
    No i just want to be protected from spam, i blocked afew names this morning and now i am getting a bunch of returned emails from people i am guessing trying to send through my server. How authorize only the email accounts on my server to be the only ones that have access to send send and get mail from my server?

  13. #13
    Why dont you try enabling smtp authentication

  14. #14
    Join Date
    Mar 2001
    Location
    Ireland
    Posts
    1,354
    Most of this is due to virus infected machines spoofing the from part.
    If you publish SPF records it can help, but it won't stop you getting the bounces from other mail servers.
    Blacknight
    ICANN accredited domain registrar

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •