2

I have a domain name that is being used as the "from" address in millions of spam messages. I get over 10,000 NDRs every day!

The original messages aren't coming from my machine, the spammers are just using my domain name. I know I can't do anything about that, but I'd like to make it as difficult as possible for them.

I've already updated the SPF record for my domain but I'd like to know how to blacklist my domain in as many places as possible.

I don't care about the reputation of my domain as I never use it to send email. I use it for inbound only and for brand protection.

Do you have any recommendations on where and how to do this?

Here is a typical NDR:

From: Katie Cameron <[email protected]>
To: <[email protected]>
Subject: We've Just Come Across Something Huge!
Date: Mon, 23 Jun 2014 19:51:21 +0100
MIME-Version: 1.0
Content-Type: multipart/related; type="multipart/alternative";
    boundary="----=_NextPart_000_0004_01CF8F1C.817E2D60"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Mail 6.0.6002.18005
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6002.18005
X-pstn-neptune: 500/484/0.97/100
X-pstn-levels: (S: 0.01937/98.34226 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951    )
X-pstn-dkim: 0 skipped:not-enabled
Message-ID: <[email protected]>
X-pstn-status: off
Return-Path: [email protected]
3
  • Apart from SPF, you can try setting up a DMARC policy. A lot of mail servers will still deliver messages that fail the SPF tests by default, but if they also check DMARC you can tell them to always drop messages that fail SPF. Apart from that, the only thing you can really do is disable any catchall incoming addresses.
    – Bob
    Commented Jun 23, 2014 at 9:37
  • I would hope you can't do this. Although you're clearly doing this for the power of good, think about how easily this could be used for the power of evil...
    – Dave
    Commented Jun 23, 2014 at 9:54
  • Yes, it could be used for evil, but if you could somehow opt yourself in to a blacklist (using your email as confirmation that you own the domain), then that would surely be effective?
    Commented Jun 23, 2014 at 12:06
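
An added example, not part of the original question or comments: a Python check of the SPF and DMARC setup Bob's comment describes, applied to a domain that never sends mail. The record strings and `example.com` are constructed sample data, and the function names are this example's own.

```python
# Audit the TXT records of a domain that never sends mail (added example).
# SPF lives at the domain itself, DMARC at _dmarc.<domain>.

def parse_tags(record):
    """Split a DMARC 'k=v; k=v' record into a dict with lowercase keys."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_spf(record):
    """A non-sending domain should publish exactly 'v=spf1 -all'."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record"]
    findings = []
    mechanisms = [t.lower() for t in terms[1:]]
    all_terms = [t for t in mechanisms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        findings.append("no 'all' mechanism, unlisted senders are not rejected")
    elif not all_terms[0].startswith("-"):
        findings.append("'%s' does not hard-fail unlisted senders" % all_terms[0])
    extra = [t for t in mechanisms if t not in all_terms]
    if extra:
        findings.append("extra terms: " + " ".join(extra))
    return findings

def audit_dmarc(record):
    """Flag anything weaker than p=reject applied to 100% of mail."""
    tags = parse_tags(record)
    if tags.get("v", "").upper() != "DMARC1":
        return ["not a DMARC record"]
    findings = []
    if tags.get("p", "").lower() != "reject":
        findings.append("p=%s, failing mail is not rejected" % tags.get("p", "<missing>"))
    if tags.get("sp", "reject").lower() != "reject":  # absent sp inherits p
        findings.append("sp=%s, subdomains are not covered by reject" % tags["sp"])
    if tags.get("pct", "100") != "100":
        findings.append("pct=%s, policy covers only part of the mail" % tags["pct"])
    return findings

SAMPLE = {  # constructed records for the placeholder domain example.com
    "weak": ("v=spf1 a mx ~all", "v=DMARC1; p=none; pct=50"),
    "locked": ("v=spf1 -all", "v=DMARC1; p=reject; sp=reject"),
}

def audit(spf, dmarc):
    return audit_spf(spf) + audit_dmarc(dmarc)
```

These records only affect receivers that evaluate SPF and DMARC; servers that accept the spoofed message and bounce it later will still generate NDRs.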

1 Answer

0

I think you're taking the wrong approach here.

Many spammers use your own address as the from simply to make any reply end up in your own mailbox instead of theirs. It is very likely that no one else gets emails with your name in the from, so blocking your domain is pointless.

The first question would be, why do you get this much spam mail with your domain name in it?

Usually this is a result of spyware. Another possibility is that you have sent mail from this address by forwarding chain mails etc. (funny emails from friends to lots of people in your contacts). This is one of the ways to attract spammers.

I would recommend adding a subdomain to your main domain, using specific email addresses with that subdomain (and/or the main domain), and making everything else bounce. This should reduce the amount of spam you receive. And again, sending only happens by spyware.

3
  • Hi, there's absolutely no spyware on my side at all. Also, the domain has never been set up to send outbound mail on our side, and we've never responded to or sent mail out from the domain. Certainly not any chain mails, etc. The NDRs I am getting very much indicate that a made-up email address @ my domain is used as the FROM address in the spam. I don't care about the amount of spam I receive, I can easily filter it out. My question was more about: is it possible to blacklist my own domain?
    Commented Jun 23, 2014 at 22:27
  • I've seen this too many times and had to investigate it a few times for my profession. Such email is always only sent to the mail address with a similar from address. How they got your email address is unknown. Possibly they use a list of domains and just try a mail address. This cannot be blocked. You can only set a filter to
    – LPChip
    Commented Jun 24, 2014 at 10:21
  • bounce mails on your mailserver that aren't a valid email (disable catchall)
    – LPChip
    Commented Jun 24, 2014 at 10:39
