Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: email spoof?

  1. #1
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts

    email spoof?

    yo..
    I've been receiving emails from randomally named email addresses [at]jamierees.co.uk (my domain) like gegchz[at]jamierees.co.uk etc - I know email addresses can be spoofed, but how can I make sure fake email addresses pointing from my domain/mail server (email addresses which don't exist) aren't being used for spamming purposes.
    I've been onto my host, who say that Netsky worm propogates by spoofing email addresses etc, but there wasn't anything in the email and loads of other internet worms do the same thing so I quickly discounted that theory which I thought what crap in the first place.

    I'm getting a bit pi$$ed off at what's going on to be honest - what I want to know is how do I make sure that my domain's email server isn't being used for spamming etc? I also know that email servers can be broken into to send sh*t from them so I'm gonna take this up with my host...

    Any ideas?

    Cheers,

    Jamie.

  • #2
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    Check to see if it is really coming from your mail server.

    As far as stopping anyone from using your domain as the from address, well you can't (at least that I know of). But most likely you are getting spam from some place else and it is using your domain as from address because most spam filters would let it through. Most people usually whitelist their own domain address so they can get mail from other people on their mail server.
    OracleGuy

  • #3
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Okay cheers Kev - I've been onto my host and they don't have any records of any unauthorized emails being sent from their mail servers so they must have been spoofed from another mail server somewhere, what the heck..nothing to worry about really.

  • #4
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    Yeah, it is more of annoyance. If you are the only one using an email address on your domain, you could adjust you spam filter to block messages from all other addresses on your domain.
    OracleGuy

  • #5
    Regular Coder
    Join Date
    Jul 2004
    Location
    mile high city
    Posts
    482
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Are these emails coming via a contact form on your website?

    I recently had forms on three different domains subject to email injection attacks.

    The sender address would be spoofed as described, with a random alpha string for the email id @mydomain.

    My solution was a PHP script that checks for text strings that would only be used for email headers and not normally occur in the message itself.
    Computer, kill Flanders... Did I hear my name? My ears are burning...
    Good start. Now finish the job.

  • #6
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Yeah a few of them were - I knew that because in my email form, I have it to output the users IP address and browser.

    I'll try the header script on the page which you reference mcdougals4all, cheers

    I can't blacklist all but my email address on my server, 'cause I have have about 6 email addresses which are being used.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •