Sunday, May 28, 2006


Hit hard by mail spam

Until May I received very little mail spam as I use a different email alias for each subscription, forum, etc. When a company sells my address to a spammer I know who the they are, who to complain to and I just delete all mails to the spammed alias.

But, the spammers just started doing something that makes my life a lot more difficult. They send a lot of fake mail that looks like they come from In many cases the targeted account does not exist so I get a Non-delivery report (NDR) message back. Below is one example:

We're sorry. There's a problem with the e-mail address(es) you're trying to send to. Please verify the address(es) and try again. If you continue to have problems, please contact Customer Support at (480) …..

The e-mail message could not be delivered because there are no users here by that name.

--- Below this line is a copy of the message.

Return-Path: <>
Received: (qmail 18739 invoked from network); 18 May 2006 12:16:13 -0000
Received: ([64.202….])
        (envelope-sender <>)
        by (qmail-ldap-1.03) with SMTP
        for <>; 18 May 2006 12:16:13 -0000
Received: (qmail 12824 invoked from network); 18 May 2006 12:16:13 -0000
Received: from unknown (HELO ([88.226….])
        (envelope-sender <>)
        by (qmail-ldap-1.03) with SMTP
        for <>; 18 May 2006 12:16:06 -0000
Received: from [88.226….] (helo=dlxf)
by with smtp (Exim 4.43)
id 1FghUk-0004QU-Uj; Thu, 18 May 2006 15:20:46 +0300
Message-ID: <001301c67a74$d0130457$677be258@dlxf>
From: "Paula Fry" <>
To: <>
Subject: Democrat

In the past I have always complained to the ISP of the spammers but in this case I am fighting a loosing battle as the mails are sent by different IP addresses all over the world. One of the worst Internet Service Providers in my experience is I have lost count of the mails I have sent to their "abuse" alias without any reply or sign of improvement:-(

A lot of the mails bounce back to me as a Non-delivery report which is bad, but some of the mails hit a real mail account which is even worse. Does anybody out there have any suggestions regarding what to do in these cases?

  • Does SPF actually work? I have only seen a couple of mails with SPF headers.
  • Someone suggested forwarding the spam to, and adding a the reference to Federal Can Spam Act, 2003.
  • Bounce the NDR back to the sender. That is not really fair as postmasters all over the world will get NDRs from my domain (at the moment I silently drop the NDRs for accounts that do not exist on my domain). NDRs seem to be a popular way of spreading spam as Jeff Atwood has a related problem.

Suggestions anyone?

Updated: fixed broken link to SPF

No comments:

Post a Comment