Welcome to WebmasterWorld Guest from 34.237.76.91

Forum Moderators: LifeinAsia

Message Too Old, No Replies

How to tell if I am being sabotaged

My site seems to have a negative rep lately... am I being sabotaged?

     
3:39 pm on Jan 18, 2007 (gmt 0)

New User

10+ Year Member

joined:Nov 18, 2003
posts:3
votes: 0


The last couple of months I've noticed a significant drop in traffic to my site combined with being banned from some domains (sending email to godaddy registered domains, registering with looksmart plus who knows what) and a huge increase in spoofed emails being returned to my catch-all email account (hosted on a shared virtual server).

I suspect that I may be being sabotaged by a competitor (hmm.. Lavender hhmmm.. I know who you are!) that sent me hate email when I first started my site a couple of years ago.

I do not use any dodgy methods: Sound coding practices combined with good, original content are my tools. My site consistently ranks highly in gooogle, yahoo & msn.

What I would like to know is... is there any way (other than contacting the domains my site has banned on) to detect and track this suspected dodgy activity?

Also, what steps can be taken to minimise the negative effects of spoofed emails? Any insight welcome and appreciated.

cheers

Steve

3:44 pm on Jan 18, 2007 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12172
votes: 61


And a huge increase in spoofed emails being returned to my catch-all email account (hosted on a shared virtual server).

If those spoofed emails are in fact "spoofed", then you have an SMTP Relay issue at the server. Check the headers and look at the from address. And, if that is the case, there may be some other vulnerabilities present.

3:52 pm on Jan 18, 2007 (gmt 0)

New User

10+ Year Member

joined:Nov 18, 2003
posts:3
votes: 0


Starting Dec 26th the bounced emails began rolling in. All with roughly the same format... my host has not responded to my request for details.

sample:

Received: from unknown (HELO qlczf) (173.xx.xx.xx)
by softbank221041052028.example.net with SMTP; Wed, 10 Jan 2007 22:42:53 -0800
Message-ID: <001301c7354b$b869cfb0$62739cad@qlczf>
--------------------------------------------------
Received: from [136.xx.xx.xx] (helo=jjddvk)
by softbank221041052028.example.net with smtp (Exim 4.62 (FreeBSD))
id 1H4zch-0002kH-Jv; Thu, 11 Jan 2007 05:05:39 -0800
--------------------------------------------------
Received: from [68.xx.xx.xx] (helo=mqzx)
by nqokt with smtp (Exim 4.62 (FreeBSD))
id 1H4oLj-0003R2-9G; Thu, 11 Jan 2007 10:03:23 +0900
Message-ID: <000f01c7351b$f4a74320$808d4344@mqzx>
---------------------------------------------------

...

[edited by: jatar_k at 4:12 pm (utc) on Jan. 18, 2007]
[edit reason] examplified [/edit]

4:08 pm on Jan 18, 2007 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12172
votes: 61


Run a DNS Report for your domain and tell us if there are any failures (they are marked in red on the report).
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members