Forum Moderators: phranque

Email Forgery

When someone else is posing as you for spam purposes


The_Hitcher

8:10 am on Mar 25, 2003 (gmt 0)

10+ Year Member



I'm presently getting hundreds of returned emails as a group in the far east are using software which allows them to alter the 'From' field in their outgoing spam. The source is on IP 218.242.157.31 - somewhere in China from what I can deduce.

They are literally burning out my email account as I'll soon be regarded as a spammer. The email is simply to point potential buyers to http*//IP.Address/1/index.php?r=searchterm

Having failed to get this site switched off, what other steps are possible, given that it seems impossible to stop or prevent email forgery?

[edited by: Woz at 9:13 am (utc) on Mar. 25, 2003]
[edit reason] Took out specifics. [/edit]

Dreamquick

9:05 am on Mar 25, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



To be honest if you can't get their site closed or at least their mail server or whatever relay they're using turned off then all you can do is delete the bounces and get on with your life.

If they're an affiliate then complain to the main site, as they are often not tolerant of spammy marketing from their affiliates.

You probably want to delete (or at least de-link) the URL, as all it helps to do is promote this scum some more.

- Tony

cornwall

9:15 am on Mar 25, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If you are getting too many back, try using Mailwasher with the filter set to get rid of the ones coming back to you.

gsx

9:26 am on Mar 25, 2003 (gmt 0)

10+ Year Member



.. or a mail rule that deletes the messages straight from the server.

The_Hitcher

10:19 am on Mar 25, 2003 (gmt 0)

10+ Year Member



Thanks for your feedback on this. The biggest problem is that by doing this I get seen as a spammer myself, with the risk that I won't be able to email some companies myself. It's all difficult to screen as they continually change the email address, i.e. mynameabc@mydomain.com, mynamedef@mydomain.com - it could go on forever, that's the scary thing.

In terms of bouncebacks I've had literally hundreds and hundreds, so I can only speculate as to how many millions are going out. I have complained to their ISP in China. This will either prove fruitless or perhaps they'll be beheaded (let's hope).

I've edited the URL a little so it doesn't provide a link, but I did want to draw attention to these email forgers - they are abominable tactics however you look at it. In the longer term it could kill my website and after three years of hard SEO tweaking........sobs.......

kwngian

10:52 am on Mar 25, 2003 (gmt 0)

10+ Year Member



Hitcher

218.242.0.0 is a big block of ip addresses for cable users in China.

218.242.157.31 is listed in bl.spamcop.net, so mail servers that use spamcop for rDNS on connection will not accept SMTP connections from this IP.

Send abuse report to:

ipas@cnnic.net.cn
scnadmin@scn.com.cn
scnmaster@scn.com.cn
hrhuang@cableplus.com.cn
luoyan@cnnic.net.cn

Normally blacklisting of a domain will happen only if your domain is listed in the email itself, requesting the recipients to visit your site; otherwise yahoo would have gotten blacklisted, looking at the amount of forged return addresses using @yahoo.com.

Why don't you just bounce the returned mails that don't specify the correct email names?
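What a blocklist lookup of the kind kwngian describes actually does, as an added example that is not code from the thread or from any poster. It uses the IP and zone named in the post above. The listing convention it assumes (an A record in 127.0.0.0/8 when the address is listed, no record at all when it is not) is the general DNSBL convention; the exact 127.0.0.x value and its meaning are defined by each list. It goes slightly beyond the thread by handling IPv6 addresses, which are nibble-reversed rather than octet-reversed. `dnsbl_query_name` and `is_listed_answer` run offline; `check` performs a live DNS query.

```python
# Added example: the DNS query a receiving mail server makes when it is
# configured to consult a DNS-based blocklist (DNSBL) on connection.
import ipaddress
import socket

LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")   # assumed listing convention


def dnsbl_query_name(ip, zone):
    """Build the name to resolve: the address reversed, then the list zone.

    IPv4 reverses the four octets (218.242.157.31 -> 31.157.242.218); IPv6
    reverses the 32 hex nibbles. `reverse_pointer` does both, and we only
    need to swap its in-addr.arpa / ip6.arpa suffix for the list's zone.
    """
    rev = ipaddress.ip_address(ip).reverse_pointer     # e.g. 31.157.242.218.in-addr.arpa
    labels = rev.rsplit(".", 2)[0]                      # drop the two-label arpa suffix
    return f"{labels}.{zone}"


def is_listed_answer(addresses):
    """Interpret the answer: any A record inside 127.0.0.0/8 means 'listed'.
    An empty answer (the lookup returned NXDOMAIN) means 'not listed'."""
    return any(ipaddress.ip_address(a) in LISTED_RANGE for a in addresses)


def check(ip, zone="bl.spamcop.net"):
    """Live lookup against a real list. Returns True if the IP is listed."""
    name = dnsbl_query_name(ip, zone)
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:          # NXDOMAIN: not listed
        return False
    return is_listed_answer(sorted({info[4][0] for info in infos}))


if __name__ == "__main__":
    print(dnsbl_query_name("218.242.157.31", "bl.spamcop.net"))
    print(check("218.242.157.31"))
```

A mail server configured with such a list does this lookup for the connecting IP before it accepts MAIL FROM, so a listed sender is refused at the connection, whatever address it intends to put in the From: header.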

The_Hitcher

1:14 pm on Mar 26, 2003 (gmt 0)

10+ Year Member



Well at least some good news. After complaints from myself and my server rackspace guys, the site seems to have vanished. Not sure if that's what did the trick or they just went elsewhere or were shot by the Chinese authorities, but no bouncebacks today anyway :)

Thanks for your sympathy guys (much appreciated). Email forgery is becoming a norm now and will possibly never be addressed fully. The ONLY thing I can think of to minimise it is to NOT put your email address in forums and at the very least use a bit of javascript on your pages so your email address is less obvious.

I've always used the one from 'Nic's JavaScript Page' and never had trouble with spam on that address so it seems to work well. Oh well, back to 'tweaking'.......lol

SethCall

3:01 pm on Mar 26, 2003 (gmt 0)

10+ Year Member



Well, just so you know, *anyone* can forge email addresses, as long as you choose a legit domain name.

For instance, there is a northpole.com. I could send you an email right now from santaclaus@northpole.com, using nothing more than a simple command line emailing program (which has been around before time).

This is because email actually asks that you supply your address: so you are completely able to lie. You don't see this on web-email sites or Outlook or whatever because the programs don't give you the option to lie...

Dreamquick

3:08 pm on Mar 26, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



>>Well, just so you know, *anyone* can forge email addresses, as long as you choose a legit domain name.

In most cases it doesn't even have to be a legitimate address - "To" is just another attribute which the sender sets to whatever they want, whether that domain name exists or not.

>>This is because email actually asks that you supply your address: so you are completely able to lie. You don't see this on web-email sites or Outlook or whatever because the programs don't give you the option to lie.

Not quite true - I know for sure that Outlook lets you set the sender's address to whatever you want in an unauthenticated environment (i.e. using a regular SMTP server rather than a centralised Exchange server).

It's not on a per-message basis, instead it's a configuration option associated with the account / profile.

- Tony

SethCall

8:43 pm on Mar 26, 2003 (gmt 0)

10+ Year Member



Oh really? Sorry :) I'm an Outlook newbie.

Are you sure about the domain thing though? I thought SMTP did a DNS lookup, which required at least a real domain name.

Have you ever gotten a name@HAHHHHAHAHAHAHAHHHAAHH.com?

And if not, you are saying it's possible? Heh, I would have to give them credit for that.

g1smd

1:53 pm on Apr 20, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



There are legitimate reasons for changing the "From:" field, and this can be done in any email program.

I have three email accounts, each with a different ISP. They are used from different locations. I change the "From:" address in the email client so that all replies are sent back to just one of the accounts. That is, all of my email appears to come from one address, even though it may come from one of three different addresses. Two of those addresses therefore never receive any incoming mail. I collect all mail on just one account, but reply through any one of three ISPs.

dmorison

2:08 pm on Apr 20, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi,

I think you may be worrying too much about becoming classed as a spammer yourself.

The spam prevention circles know full well that the From / Reply-To addresses within spam are meaningless, and as far as I know the systems that are in place to try and limit spam are not based on this at all. Instead, they attempt to crack down on and block the sending (or receiving) of email from IP addresses that are used by spammers.

I suspect, however, that your fear may be (as mine is sometimes) that a recipient of the spam may look at the from address and associate the domain name with your business. To this extent, there is of course nothing you can do, but I think the damage from that presumption by someone is minimal. It's unlikely that a recipient is memorizing every domain name appearing in the from address of their SPAM, and if someone comes across yourdomain.com in a legitimate fashion in the future I very much doubt they'll remember that your domain name featured in the from address of a SPAM email they once saw briefly and very quickly deleted.

A pain in the arse I know, but as a domain owner there is nothing you can do about it - it will happen to us all at some point!

I'm confident that you won't get classed as a spammer.

pixel_juice

2:18 pm on Apr 20, 2003 (gmt 0)

10+ Year Member



If you have the full headers from the emails sent 'from' your address then you will be able to trace back the path and prove that it didn't originate from your email account.

This is definitely a very irritating problem nonetheless. I've also encountered this with viruses that use harvested emails as the apparent sender of an email containing a virus, so that the recipient thinks that the virus was sent from you.
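An added example, not code from the thread or from any of the posters, of the two points made above: SethCall's, that a command-line sender can put whatever it likes in the message, and pixel_juice's, that the full headers still record where the connection actually came from. It runs one forged message through a toy SMTP server over loopback and then traces it back. Everything in it is constructed: `toy_mta` stands in for the receiving mail server, the addresses and host names are sample values, the 198.51.100.7 hop is made up, and the origin the trace recovers is 127.0.0.1 because that is where the session really came from. The toy server accepts a MAIL FROM domain that does not exist; many real receivers do reject such a domain, but that is receiver policy, not something SMTP itself requires.

```python
# Added example: forge a sender over a real SMTP exchange, then trace the
# message back from its Received: headers. All names and addresses are
# constructed sample values.
import email
import re
import smtplib
import socket
import threading
from email.message import EmailMessage
from email.utils import formatdate, parseaddr

MTA_NAME = "toy-mta.example"   # the server we run, and so the only hop we trust


def toy_mta(listener, mailbox):
    """Serve one SMTP session; store (envelope sender, recipients, raw bytes).
    SMTP has no step that verifies the sender's address, so like a plain relay
    this accepts any MAIL FROM. The one thing it records that the client cannot
    choose is the connecting IP, written into the Received: line it prepends."""
    conn, peer = listener.accept()
    rfile = conn.makefile("rb")

    def reply(text):
        conn.sendall((text + "\r\n").encode())

    helo, mail_from, rcpts = "", None, []
    reply(f"220 {MTA_NAME} ESMTP")
    while True:
        line = rfile.readline()
        if not line:
            break
        verb, _, arg = line.decode(errors="replace").rstrip("\r\n").partition(" ")
        verb = verb.upper()
        if verb in ("EHLO", "HELO"):
            helo = arg.strip()                     # client-chosen, not verified
            reply(f"250 {MTA_NAME}")
        elif verb == "MAIL":                       # MAIL FROM:<anything at all>
            mail_from = arg.partition(":")[2].strip().strip("<>")
            reply("250 OK")
        elif verb == "RCPT":                       # RCPT TO:<addr>
            rcpts.append(arg.partition(":")[2].strip().strip("<>"))
            reply("250 OK")
        elif verb == "DATA":
            reply("354 End data with <CR><LF>.<CR><LF>")
            body = b""
            while True:
                chunk = rfile.readline()
                if not chunk or chunk == b".\r\n":
                    break
                body += chunk[1:] if chunk.startswith(b"..") else chunk  # undo dot-stuffing
            stamp = f"Received: from {helo} ({peer[0]}) by {MTA_NAME} with SMTP; {formatdate()}\r\n"
            mailbox.append((mail_from, rcpts, stamp.encode() + body))
            reply("250 Queued")
        elif verb == "QUIT":
            reply("221 Bye")
            break
        else:
            reply("500 Unrecognised command")
    conn.close()


def send_forged(port, header_from, envelope_from, helo="mail.some-isp.example"):
    """Send one message whose From: header, envelope sender and even a
    ready-made Received: line are all chosen by the sender."""
    msg = EmailMessage()
    # A forged hop (constructed): Received: lines already inside the message
    # are sender-controlled too; only the one our MTA adds on top is ours.
    msg["Received"] = ("from relay.bigmail.example (198.51.100.7) by mx.bigmail.example "
                       "with SMTP; Tue, 25 Mar 2003 08:10:00 +0000")
    msg["From"] = header_from
    msg["To"] = "victim@example.org"
    msg["Subject"] = "test"
    msg.set_content("Neither address on this message was checked by anything.")
    with smtplib.SMTP("127.0.0.1", port, local_hostname=helo, timeout=5) as smtp:
        smtp.sendmail(envelope_from, ["victim@example.org"], msg.as_bytes())


def origin_from_trusted_hop(raw, trusted_mta=MTA_NAME):
    """Read Received: lines top-down (newest first) and return the HELO name and
    connecting IP from the first line stamped by a server we trust. Anything
    below that line may have been typed by the sender."""
    msg = email.message_from_bytes(raw)
    for hop in msg.get_all("Received", []):
        hop = " ".join(hop.split())                # undo header folding
        m = re.match(r"from (\S+) \((\d{1,3}(?:\.\d{1,3}){3})\) by (\S+)", hop)
        if m and m.group(3) == trusted_mta:
            return {"helo": m.group(1), "ip": m.group(2)}
    return None


def demo(header_from="santaclaus@northpole.com",
         envelope_from="bounces@HAHHHHAHAHAHAHAHHHAAHH.com"):
    """Run the forged session over loopback and report what the receiver saw."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    mailbox = []
    server = threading.Thread(target=toy_mta, args=(listener, mailbox), daemon=True)
    server.start()
    send_forged(listener.getsockname()[1], header_from, envelope_from)
    server.join(5)
    listener.close()
    env_from, rcpts, raw = mailbox[0]
    msg = email.message_from_bytes(raw)
    return {
        "envelope_from": env_from,                  # where the bounces will go
        "header_from": parseaddr(msg["From"])[1],   # what the reader sees
        "received_lines": len(msg.get_all("Received", [])),
        "origin": origin_from_trusted_hop(raw),     # the only part not forgeable
    }


if __name__ == "__main__":
    print(demo())
```

The part worth keeping is `origin_from_trusted_hop`: the From: header, the envelope sender and any Received: lines already inside the message are all the sender's to write, so a trace starts at the topmost line stamped by a server you run and goes no deeper. Even in that line the HELO name is the sender's choice; only the IP next to it is not.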

g1smd

2:31 pm on Apr 20, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Klez is a virus typical of that strain.

It sits on Jim's computer sending out emails with the virus attached. The emails are sent to everyone in the email address book, but the From: address is forged to look like it came from one of the other people listed somewhere in the address book. This hapless person then receives all the bounced emails, and all the complaints about having sent out a virus. He looks on his machine, and finds nothing. Meanwhile Jim carries on completely unaware of the havoc ensuing.

Run a virus checker at all times, otherwise you could be that Jim...

pixel_juice

2:34 pm on Apr 20, 2003 (gmt 0)

10+ Year Member



>>Run a virus checker at all times, otherwise you could be that Jim...

Any halfway decent email virus scanner will also send out notifications to any addresses in the infected email to ensure that whoever the actual culprit is gets a chance to clean up their machine.

The only real solution to spoof email problems is an email 'signing' or certification system that proves the identity of the sender, and none currently exists that does the job well enough that I have come across.

martinibuster

4:05 pm on Apr 20, 2003 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Do you use any kind of Formmail?

Your problem is highly common for people who use that, although it seems to have peaked last year.