| 5:41 pm on Dec 2, 2008 (gmt 0)|
I guess your server from which you send mails must have been black listed
| 9:36 am on Dec 3, 2008 (gmt 0)|
Nope. I would have noticed that.
| 11:59 am on Dec 3, 2008 (gmt 0)|
Since the subject of the email sounds spammy, I'll assume you didn't send it, therefore it is simply the case that a scumbag spammer has placed your email address in the Return-Path: header of their spam.
In the words of Tom Jones - It's not unusual.
| 2:12 pm on Dec 3, 2008 (gmt 0)|
Ok thanks. I didn't send it, so that sounds perfectly reasonable.
But is there anything I can do about it? Should I be worried?
| 5:48 pm on Dec 3, 2008 (gmt 0)|
Other than closing the "catchall" mailbox facility (if that is causing a problem) there's nothing you can do about it. Since there's nothing you can do about it, there's no point worrying about it.
| 2:14 am on Dec 4, 2008 (gmt 0)|
You could also look into setting up an SPF record for your domain. In that you would specify which servers were authorized to send mail on your behalf. The spam mail would fail that test and you could easily point that out to anyone who took issue. An SPF record can also figure into some e-mail filtering schemes, so it may be in your interest to set one up. It can't hurt.
| 10:43 am on Dec 5, 2008 (gmt 0)|
Actually I had set up SPF records. I don't know the syntax but apparently it was previously set:
Blah.com Only accept mail from the domain Blah.com
But we were sending our mail through our ISP, so I have just got onto the hosts to update it to:
Blah.com Only accept mail from the domain Blah.com and ISP.com
I don't think this will solve the OP problem, but it should help getting past some mail filters etc. as you say.
| 1:07 am on Dec 6, 2008 (gmt 0)|
Actually SPF records work in the opposite way. They state that the listed ISP, domain or IP is permitted to send mail on behalf of that domain. Any other mail sent by spammers would automatically fail that test.
As stated, an SPF record can't stop them from sending the fake receipts, but your filters can more easily determine that they're illegitimate and send them straight to the dustbin.
| 8:27 pm on Dec 8, 2008 (gmt 0)|
I turned on catchall when I had a Yahoo store and was getting over 4,000 of these a day. Needless to say I quickly turned off the catchall account.