Spammers who make it look like spam came from you

[DomeBase]

Before I learned better, I put e-mail addresses up on some of my websites. Now I have removed them, but spammers have harvested e-mails from these sites and are using them with tricky e-mail programs to make it looks like spam is coming from my e-mail addresses. Now I am getting complaints from people who think that the spam is coming from me. I would appreciate any responses from you folks to the following:

(1) Is there a good source that documents this problem so that I can refer people to it in case they do no believe me that this is possible?

(2) If I delete the e-mail addresses from the sites and deactive the e-mail accounts for a while, will the spammers eventually drop my e-mails from their lists?

(3) Is there anything else that I can do to fight this?

Thanks.

 

[tonyk2000]

Almost nothing can be done with professional spammers. Unfortunately. You may refer to RFC on SMTP-protocal (Request For Comments). RFC are official standart.
This is how spammer may work. Typed by hand in unix terminal session what e-mail software does:
> host anybody.com
anybody.com has address 20.1.27.18
anybody.com mail is handled (pri=10) by mail.freeservers.com
> telnet mail.freeservers.com 25
Trying 20.1.27.11...
Connected to mail.freeservers.com.
Escape character is '^]'.
220 mail.freeservers.com ESMTP Postfix
ehlo spammer
250-mail.freeservers.com
250-PIPELINING
250-SIZE 5120000
250-VRFY
250-ETRN
250-XVERP
250 8BITMIME
mail from: <>
250 Ok
rcpt to: [email protected]
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
From: [email protected]
To: [email protected]

spam
.

 

[tonyk2000]

message body (what you see in e-mail properties and what would most likely wish to compain about) can contain ANY e-mail addresses both From and To. Original address information is not contained in the message you view. It was transmitted in SMTP-transaction (mail from and receipt to).
THE ONLY REAL THING TO COMPLAIN - IP ADDRESS OF SENDER's computer

 

[DomeBase]

Thanks for the feedback. Not to be paranoid, but may I ask if you would mind editing out the code so as not to give others any ideas/knowhow with my site name? Thanks.

 

[tonyk2000]

LOL Namepopper was quicker editing my post
Although this work with any mail server.
I needed to establish a link with a real mailserver ...
Simple: e-mail transfer protocol allows ANY From: and ANY To: fields. For any mailserver.
Answering your question, I simply showed what exactly is transmitted and how do spammers work...

 

[DomeBase]

Originally posted by tonyk2000
LOL Namepopper was quicker editing my post
Although this work with any mail server.
I needed to establish a link with a real mailserver ...
Simple: e-mail transfer protocol allows ANY From: and ANY To: fields. For any mailserver.
Answering your question, I simply showed what exactly is transmitted and how do spammers work...

I appreciate it. I just got spooked with the code mentioning my sitename. I am not very knowledgeable about the technical stuff involved and did not want to make it easy for someone. Thanks again. You did answer my question.

 

[mole]

(1) Is there a good source that documents this problem so that I can refer people to it in case they do no believe me that this is possible?

Go to Google > search 'spoofing email'. Take your pick

(2) If I delete the e-mail addresses from the sites and deactive the e-mail accounts for a while, will the spammers eventually drop my e-mails from their lists?

Not necessarily, but it could help a bit as spammers do sometimes try to clean up their email lists from dead addresses.

You don't have to deactivate your e-mail accounts to pretend that you are dead. Just use http://www.mailwasher.net and bounce your email back from the POP server itself. NEVER download spam into your email client. Some spam mails have scripts that can feed this data back to the spammer that you are alive.

(3) Is there anything else that I can do to fight this?

Yes, make a report to the ISPs involved using http://www.spamcop.net tracing tools. This is automated and very easy to do. You can even write them direct with a personal plea for assistance, to get more attention from them.

It is useful to understand the fundamentals of email tracing. With a bit of practice, you can become a true spamfighter.


Everyone can become a victim of spoofed emails, and spammers sometimes joe-job (mailbomb) people with this. Spammers are people who would sell their mothers for money. So no point being mister nice guy.

 

[tonyk2000]

DomeBase, I forgot to mention that those spam cases you dealt with were definately NOT transferred via your mailserver or via your ISP mailserver. One and only connection with your business was arbitrary From field. They neededo put some e-mail into it. They put yours.

 

[skylark]

Hello All! Have just finished spending past 4 months setting up a php database website for State of Maryland. One of the issues was preventing e-mail spam prior to election for governor for State of Maryland. Without comment, I recommend the below links for your consideration.

http://www.promotiondata.com/article.php?sid=153

also: http://mastercgi.com/howtoinfo/spamproofsitearticle.shtml
and also:
http://www.dropcard.com/email.html

Good Luck! (No, I can't give URL of website. Restricted to users w/password. I even put in anti-robot html to help discourage listing on search engines!)
------------------
Skylark (I'm a "she" not a "he" remember me?)