Welcome to WebmasterWorld Guest from 50.19.156.133

Forum Moderators: ocean10000

Message Too Old, No Replies

iis setup help needed

spammers using our domain name as return address

     

malinkam

11:32 pm on Jul 4, 2008 (gmt 0)

5+ Year Member



Some spammers have been sending thousands of spam using our domain name as return address. Obviously we get all the bounce backs. What is the latest on protecting yourself against this? Should we disable catch all account? Is this a good idea?
Most of return addresses are:
blabla@ourdomain.com
blabla2@ourdomain.com
blabla3@ourdomain.com
etc, etc.

Thank you in advance

malinkam

11:33 pm on Jul 4, 2008 (gmt 0)

5+ Year Member



forgot to add, it's windows 2003 server, iis 6

pageoneresults

11:34 pm on Jul 4, 2008 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Are they just "spoofing" the "From Address" or are they able to send out email from your domain? Two different things to discuss here.

malinkam

11:39 pm on Jul 4, 2008 (gmt 0)

5+ Year Member



sorry, spoofing

pageoneresults

11:42 pm on Jul 4, 2008 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Nothing you can really do other than educate your customers on how the From address can be spoofed by anyone.

As long as you have SPF in place and you have other bases covered like not allowing SMTP Relay, you should be fine. I say "should be" because email these days is best left for the Professionals.

malinkam

11:44 pm on Jul 4, 2008 (gmt 0)

5+ Year Member



no, no spf has been setup, I guess that's a good start and I'll look into the smtp relay as well,

malinkam

11:44 pm on Jul 4, 2008 (gmt 0)

5+ Year Member



where's my manners, thank you.

Staffa

6:17 am on Jul 5, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You might also want to disable your catch all account.
It will save you from having to deal with all the bounce backs and genuine people wanting to contact you will use either your site forms or any address you gave them any way.

dukelips

5:16 am on Jul 8, 2008 (gmt 0)

5+ Year Member



Only way to stop is to remove catch all account, we had this issue and after removing catchall . the problem stopped
 

Featured Threads

Hot Threads This Week

Hot Threads This Month