| Author |
 Topic  |
|
Southern Girl
New Member
78 Posts |
 Posted - 11 December 2007 : 19:59:44
|
How do I stop this?
I had 660 returned messages today!
Surely my domain will be blacklisted soon  |
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 11 December 2007 : 20:10:15
|
Are you using 3.4.06 w/updates (or are you at least keeping up with the bug fixes)?
Just after taking a quick look, this might help... [link]
I could be wrong about the problem, but applying the fix won't hurt.  |
 |
|
|
Southern Girl
New Member
78 Posts |
Posted - 11 December 2007 : 20:18:25
|
Do you think it is forum related?
I was thinking it was a random target thing.
I'm using 3.4.06 - will check the updates situation....
Thanks |
|
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 11 December 2007 : 20:35:26
|
Wait, I thought you were saying that they were sending spam from your forum... is that the case?
Oh, either way you do want to make sure you are up on all the bugs. In particular you should subscribe to the "Announcements: Security Related Bug Fixes" forum. |
|
|
|
Southern Girl
New Member
78 Posts |
Posted - 11 December 2007 : 20:48:41
|
Sorry - it is my domain being targeted.
Though I have now applied some bug fixes for the forum....
Thanks |
Edited by - Southern Girl on 11 December 2007 20:50:48 |
|
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 11 December 2007 : 21:25:03
|
Unfortunately there really isn't much you can do to stop people from spoofing your domain... (i.e. sending email from spamaddy@yourdomain.com) If there is anything to be done, I'm not aware of it.
At least you've got your forum up to date. 
Just because its a big issue, did you make sure you got this one? [link] (note the latest reply by Rui) |
|
|
|
Southern Girl
New Member
78 Posts |
Posted - 11 December 2007 : 22:04:23
|
Thanks!
That was the first one that I did though didn't do the last fix
Is that to replace the entire first fix or where do I put it?
Can there be a up to date .asp file to download (I get nervous cutting and pasting) |
Edited by - Southern Girl on 11 December 2007 22:13:00 |
|
|
|
MarcelG
Retired Support Moderator
Netherlands
2625 Posts |
Posted - 12 December 2007 : 05:34:21
|
I had the same with oxle.com ; the day I registered the domain, and logged on to the catchall mailbox, I had > 100.000 undeliverables, and they kept coming in.
Nowadays, over 4 years later, it's still >100 spoofed mails per day.
There's really not much you can do about it.... |
portfolio - linkshrinker - oxle - twitter |
|
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 12 December 2007 : 07:10:57
|
quote:
Originally posted by Southern Girl
Thanks!
That was the first one that I did though didn't do the last fix
Is that to replace the entire first fix or where do I put it?
Can there be a up to date .asp file to download (I get nervous cutting and pasting)
Yes, replace the entire "If .... End If" block with the one at the bottom. I don't think the latest change has made it to the download yet.
Stick around here long enough and you'll be amazed at what you are able to do. Soon cutting and pasting will seem like child's play. |
|
|
|
HuwR
Forum Admin
United Kingdom
20595 Posts |
Posted - 12 December 2007 : 07:13:38
|
quote:
Originally posted by AnonJr
Unfortunately there really isn't much you can do to stop people from spoofing your domain... (i.e. sending email from spamaddy@yourdomain.com) If there is anything to be done, I'm not aware of it.
At least you've got your forum up to date.
Just because its a big issue, did you make sure you got this one? [link] (note the latest reply by Rui)
The only way to stop this is to NOT have a catchall email address |
|
|
|
bobby131313
Senior Member
USA
1163 Posts |
Posted - 12 December 2007 : 09:24:03
|
quote:
The only way to stop this is to NOT have a catchall email address
Doesn't stop it, you just don't know it's happening.
You could also have an insecure contact form on your site that allows line breaks to be injected and BCC's sent. If that's the case, you really are sending them, not just being spoofed. |
Switch the order of your title tags |
Edited by - bobby131313 on 12 December 2007 09:54:06 |
|
|
|
HuwR
Forum Admin
United Kingdom
20595 Posts |
Posted - 12 December 2007 : 09:37:48
|
quote:
Doesn't stop it, you just don't know it's happening.
no, but it stops you from receiving all the bounces
only way to prevent spoofing completely is if ALL mail servers supported spf policies but unfortunately they don't |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 13 December 2007 : 12:17:00
|
Personally I keep catchall open for my domains - I often use one domain to register for websites, but they get an individual hand-crafted email address of their own, so here, I'm registered as snitz@mydomain.co.uk, but for another site I'm registered as theirsitename@mydomain.co.uk
You're right, closing the catchall would stop some of the nonsense, but this way if snitz sells off my email address to a spam list (and they haven't so far, I've come to trust them ), I know who it was who sold my address! |
|
|
|
JJenson
Advanced Member
USA
2121 Posts |
Posted - 13 December 2007 : 12:27:53
|
| I like that idea pdrg I will have to start to implement that. |
|
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 13 December 2007 : 12:33:59
|
Yup, do the same thing meself, but use aliases rather than leaving the catchall on.
|
 Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
|
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 13 December 2007 : 12:48:24
|
| Since GMail ignores whatever is after the "+" to the left of the "@" I've been using that to tag which registration account that is. However, some sites stupidly won't allow the "+"... maybe its time to do it your way. |
|
|
|
Topic |
|
Topic Locked
