Forum Moderators: phranque
I recently got a new client online. They like the site, email working well, BUT.. last week, they frantically emailed me b/c they received a virus via spam which LOOKED like it came from a their mail server - linda@(their URL).
They asked how it was possible that someone was able to get onto their email server, and create the new alias and send the virus. I tried to explain to them that what had happened was that as soon as their site went online, the spiders which are used for spam found it, and started using it as a "FROM" address, and that the generic (and non-existen) name before the @ symbol was how spam email works. (I feared that if he received a v¦agra-related email that he might think someone thought little of his sexual prowess)
I checked with the hosting company, who offers spam protection on their mail servers, but that was mostly to be able to give them some method of solace that spam happens, and that it's the price to pay for having email and a website.
Can anyone help me out with more of the specifics of how spam spiders track and use URL addresses and fake "from" emails in their tactics? Might help calm them down a bit.
-JC
The only semi-reliable way to tracking the source of spam is via the headers, try taking a copy of the complete email and plugging it into something like [spamcop.net...] and seeing where they say the email actually came from.
- Tony
I'm avoiding putting plain e-mail addresses on new sites, preferring to use forms or obfuscating the e-mail if I need to provide an actual e-mail.
I'd explain to the client that if he has a domain, there's a strong possibility that it will be used as a return address for spam. Clearly, protecting the e-mail server is important to prevent real hijacking, but forged addresses are impossible to prevent.
