Sunday, May 28, 2006

2769.aspx

Hit hard by mail spam

Until May I received very little mail spam as I use a different email alias for each subscription, forum, etc. When a company sells my address to a spammer I know who the they are, who to complain to and I just delete all mails to the spammed alias.


But, the spammers just started doing something that makes my life a lot more difficult. They send a lot of fake mail that looks like they come from egilh.com. In many cases the targeted account does not exist so I get a Non-delivery report (NDR) message back. Below is one example:



We're sorry. There's a problem with the e-mail address(es) you're trying to send to. Please verify the address(es) and try again. If you continue to have problems, please contact Customer Support at (480) …..


<...@cimbom.com>:
The e-mail message could not be delivered because there are no users here by that name.


--- Below this line is a copy of the message.


Return-Path: <spam@egilh.com>
Received: (qmail 18739 invoked from network); 18 May 2006 12:16:13 -0000
Received: ....secureserver.net) ([64.202….])
        (envelope-sender <spam@egilh.com>)
        by ....prod.mesa1.secureserver.net (qmail-ldap-1.03) with SMTP
        for <...@cimbom.com>; 18 May 2006 12:16:13 -0000
Received: (qmail 12824 invoked from network); 18 May 2006 12:16:13 -0000
Received: from unknown (HELO ....ttnet.net.tr) ([88.226….])
        (envelope-sender <spam@egilh.com>)
        by ....prod.mesa1.secureserver.net (qmail-ldap-1.03) with SMTP
        for <...@cimbom.com>; 18 May 2006 12:16:06 -0000
Received: from [88.226….] (helo=dlxf)
by dsl88-226-16268.ttnet.net.tr with smtp (Exim 4.43)
id 1FghUk-0004QU-Uj; Thu, 18 May 2006 15:20:46 +0300
Message-ID: <001301c67a74$d0130457$677be258@dlxf>
From: "Paula Fry" <spam@egilh.com>
To: <...@cimbom.com>
Subject: Democrat


In the past I have always complained to the ISP of the spammers but in this case I am fighting a loosing battle as the mails are sent by different IP addresses all over the world. One of the worst Internet Service Providers in my experience is ttnet.net.tr. I have lost count of the mails I have sent to their "abuse" alias without any reply or sign of improvement:-(


A lot of the mails bounce back to me as a Non-delivery report which is bad, but some of the mails hit a real mail account which is even worse. Does anybody out there have any suggestions regarding what to do in these cases?



  • Does SPF actually work? I have only seen a couple of mails with SPF headers.
  • Someone suggested forwarding the spam to spam@uce.gov, and adding a the reference to Federal Can Spam Act, 2003.
  • Bounce the NDR back to the sender. That is not really fair as postmasters all over the world will get NDRs from my domain (at the moment I silently drop the NDRs for accounts that do not exist on my domain). NDRs seem to be a popular way of spreading spam as Jeff Atwood has a related problem.

Suggestions anyone?


Updated: fixed broken link to SPF

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)