Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: phranque
Now, I believe these spams aren't going through my mail server. The headers seem to say that they're coming from somewhere else. But it's my domain they're putting in the from address.
First, does this hurt me in any way? Can I get put on spam lists even if the spams aren't coming from my mail server?
Second, is there anything I can do about this?
The only solutions are to either filter all e-mails that are returned or simply use specific single e-mail addresses forwarded to your account instead of forwarding all e-mail addresses on the domain to your account.
While he might well have the same problem you did, you cannot know that. Nor can he :)
You are probably right: Probably, his 'name is being taken in vain'. And after a while, they'll move on to another email address.
It may also be his habit of enabling an infinite number of email addresses, which is asking for spam.
But it ain't necessarily so.
He'd be wise to double check; there is a chance - small - that it's a result of some kind of scumware. Wlauzon makes a good point.
It may even be that he's replied to a spammer or three - or used a spammer's 'opt out' page - which is actually, of course, an 'opt in' - a guarantee to be abused in every way a spammer can abuse you.
Different diseases often show similar symptoms!
My machine was clean. The server that I used for email was infected!
This was not in my physical realm so had to leave it to the service provider to sort it out. They did after having complained to them and forwarded them some of the emails.
From what I can gather most spam databases are wise to this so you shouldn't get blacklisted - the originating IP as well as the domain are taken into account.
If you want to feel like you have done something to stop this, carefully look at the headers of some of the bounced messages & contact the ISP of the originator.
The problem is that the originator will have some form of malware that has picked on your domain at random (hopefully!) & is using it in fake mail headers. The ISP will be unlikely to do anything.
You could also consider using SPF to ensure that anyone, who really needs to, can validate your emails.
Like Quadrille said, just shove any emails with an unknown recipient into a blackhole and forget about it until somebody comes up with a saner email system.
I got several (and counting) just now returned undeliverable messages from an IP I tracked to Puerto Rico: 188.8.131.52
Puerto Rico Telephone Company
Ave Roosevelt 1513 7th Floor
P.O. Box 360998
San Juan, PR
I used to get hundreds of these daily as well. I don't think there's anything you can do about it so long as spammers can spoof the reply-to or from fields.
I'm not sure I understand the advantage for spammers who do this. What's the point? Does anyone know of a place where we can report abuse? The PRT website is in Spanish.
The harder you try to stop them, the more they'll persist - just for spite.
If they are in your country, then you may be more effective.