The first thing I would ask is if you have an auto-responder. If you do, turn it off.

Essentially there is little you can do as your email address is on one or more spammers lists. At least that's what I suppose, but as I suffer periodically from the same problem I would be interested to hear otherwise.

One thing you can do is to to help is to remove the email address on your home page and replace it with a form. Make sure the form is secure from spam bots, and direct the email to another email address. This email address should be held server side, and therefore invisible. Then use this address in all legitimate correspondence making your site address redundant.

No we don't have an autoresponder.

In terms of any email address on our sites, we use anti-spam encoders such as [an online encoder form], which means they are impossible for spambots to pick up.

We bought [a .net domain] two weeks ago. Was only a 'for sale' landing page before, so I don't think the email address has been picked up from anywhere.

[edited by: phranque at 2:06 am (utc) on Feb. 12, 2008]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]

First of all, please avoid posting your domain name here, as it's not permitted, and the moderators will just edit it out. And it's probably not going to help your spam situation, either, as posts here seem to miraculously turn-off at the top of the search pages for relevant keywords. ;)

I can sympathize, as I once had a 4-letter common-word .net that acquired the same problem. My ISP had one hair-pulling weekend trying to save their network from the onslaught of bounces.

I sold it, the buyer sold it, and it's Microsoft's problem now. I guess they can deal with the traffic.

This is an unfortunate side-effect of the archaic design of Internet email. Anybody can plug any return address into an email. It worked well when there were 20 sites on the ARPANet.

One thing you can do is to track-down the perpetrators. Convince them to use another address and make it somebody else's problem. Or use legal means to make them stop.

Since they obviously are not soliciting responses by email, they must be soliciting a visit to some web site, for people to call some phone number, etc. Start there.

In my case, they were advertising a "900" phone number. Somebody was able to track down the company that leased the phone line, they got in contact with the operator of the 900 program, and I was able to talk to him on the phone. He claimed he didn't know that a guy he hired for "Internet marketing" was spamming. It stopped, and a couple of anonymous money orders arrived in the mail after I mentioned the word "FBI".

I imagine our cases are similar: somebody just "likes" your domain name as a return address, because it somehow relates to what they are spamming. They probably don't know or care that there is an active site at that domain.

In my case, I offered a reward for the identity of the spammer, and it worked. There were newspaper and magazine stories, and a hacker-type found them for me. Probably won't work today, as the reward angle is old-news. (You can probably do a search for "reward offered to find spammer" and find the stories.)

I doubt that you can get white-listed without first getting the spam to stop. The problem is, if you are white-listed, then the spam gets through too. So, you have to make it your business to find the spammer and make it stop, despite the inevitable accusations of vigilantism.

Good luck!