Msg#: 3798254 posted 3:01 pm on Dec 2, 2008 (gmt 0)
Hi I am getting undeliverable reciepts for what look like spam emails coming from my domain. Here is an example:
Your message did not reach some or all of the intended recipients.
Subject:Attack your baby, she wants Sent:02/12/2008 01:45
The following recipient(s) cannot be reached:
firstname.lastname@example.org on 02/12/2008 01:45 The message reached the recipient's e-mail system, but delivery was refused. Attempt to resend the message. If it still fails, contact your system administrator. < server.server.com #5.2.0 SMTP; 550 ######## SPAM EMAIL NOT ACCEPTED ########>
The server listed at the bottom is listed second on the list of mx records for the domain the emails seem to be coming from.
What should I do to get rid of these? Should I be worried etc.
Msg#: 3798254 posted 11:59 am on Dec 3, 2008 (gmt 0)
Since the subject of the email sounds spammy, I'll assume you didn't send it, therefore it is simply the case that a scumbag spammer has placed your email address in the Return-Path: header of their spam.
Msg#: 3798254 posted 2:14 am on Dec 4, 2008 (gmt 0)
You could also look into setting up an SPF record for your domain. In that you would specify which servers were authorized to send mail on your behalf. The spam mail would fail that test and you could easily point that out to anyone who took issue. An SPF record can also figure into some e-mail filtering schemes, so it may be in your interest to set one up. It can't hurt.
Msg#: 3798254 posted 1:07 am on Dec 6, 2008 (gmt 0)
Actually SPF records work in the opposite way. They state that the listed ISP, domain or IP is permitted to send mail on behalf of that domain. Any other mail sent by spammers would automatically fail that test.
As stated, an SPF record can't stop them from sending the fake receipts, but your filters can more easily determine that they're illegitimate and send them straight to the dustbin.