Somebody spaming from my company email addresses

[the_web_designer]

Hi,

I keep getting auto-responces for emails sent from my company email, but the thing is, I am not sending them. I have a net that catches any emails sent to my domain. So people are using things like [email protected] to send spam. Is there anything I can do about it?

Many thanks,

Jonathan Padhiar

 

[obscure]

No. These people are using automated spam bots to send spam and spoofing the email address (setting the "from" field in the email to yours). If you were able to track down the real email account that is sending them it would just be a disposable account, most likely being sent from a PC that has been infected with malware/trojan and part of a bot ring. Just ignore it.

 

[MGSteve]

The only thing you could do to reduce the bounce emails is to remove the 'catchall' on the domain, as the bounces will come back to the made up email address.

unless they come from valid email addresses, when the most you can do is ignore them.

I tend to get a blitz of these every other month or so, annoying but other than disabling the catch all, nothing you can do.

 

[An Oasis]

Has anyone come across any software which can check to see if the sender email adi is different to the from and mark as Spam?

 

[awebapart.com]

I keep getting auto-responces for emails sent from my company email, but the thing is, I am not sending them. I have a net that catches any emails sent to my domain. So people are using things like [email protected] to send spam. Is there anything I can do about it?

1. Don't use catch-all forwarding to give yourself multiple addresses going to one email account, use multiple email accounts for multiple addresses, or multiple email forwards. Catch-all forwarding will only end up giving you multiple spam.

2. Catch-all should be disabled, and disabled in a way that preferably does not bounce spam emails, otherwise you are doing exactly what the spammers want you to do, i.e. helping them distribute spam via bounce back or backscatter.

3. To minimise the chance of being a victim of spam, make use of other spam prevention techniques.

4. Keep aware of what is going on in the world of spammers, (it doesn't make for a comfortable read, and we have experienced this first hand earlier this week with a serious spike of botnet spam activity sending spam to domains on our server) e.g.:

a. BBC Click video (March 2009) about the botnets at:
http://news.bbc.co.uk/1/hi/programmes/click_online/7932816.stm

b. Botnet article links:
www.theregister.co.uk/2009/04/23/botnet_speed_test/
www.viruslist.com/en/weblog?weblogid=208187675
www.theregister.co.uk/2009/04/16/new_ibotnet_analysis

c. This month's Symantic Internet Threat report says that spam volumes
trebled last year and botnets now account for 90% of spam:
www.theregister.co.uk/2009/04/14/symantec_threat_report

d. This article is from Jan 2009 and reports on one particular botnet as
having infected 10 million PCs at that time and growing at 1 million a week:
http://cyberinsecure.com/spam-volum...least-10-millions-of-infected-conficker-bots/

"Latest educated guess of the size of the botnet is 10m strong as of
Friday, 23 January, 1m up on the 9 million of the week before."

Other interesting notes:

"Some countries are being more heavily hit by the zombie epidemic.
China, Russia and Brazil account for 41 per cent of infected IP addresses"

"The spam run seeks to promote websites while also seeking to validate
email addresses for later, possibly more insidious, junk mail runs."

 

[Humphrey]

I agree with all the comments so far.
Last year I had one of my domains abused by the spammers, this resulted in over 1200 'bounced' emails arriving in my inbox in just 45 minutes plus five abusive emails for people accusing me of spamming them.
Email catch-all is firmly switched off for all of my domains.

 

[KateCB]

We to had the same problem as Humphrey - we had 'catch-all' removed for our domains which has pretty much sorted it out.

Amazing isn't it - companies can track IP addresses, tell who you are when you buy things/visit website, but they can't find out who 'hi-jacked' your email address!

 

[the_web_designer]

Ah may just have to eventually take of the catch all. Stinking spammers! Just so horrible when somebody uses your domain, the face of your company, to send spam.

 

[haubnk]

There is something you can do about:

Google spf!