Slammed By Spam Spoofer
from the help! dept
In the last few months, I’ve actually gotten very good at filtering spam. It’s been reduced to a manageable level finally. However, I just returned from discover a ton of email… mostly bounced emails with a few “out of office” autoresponders thrown in there. Of course, I never emailed any of these people, but it seems some spammer spoofed my email address and sent his spam out to millions (the bounces keep pouring in…). With all the discussions of filters and whitelists vs. blacklists, does anyone have a solution for this sort of problem? Does this mean that I’m now going to be accused of spamming? Update: It’s getting worse. The bounce messages just keep on coming. Right now I’m pushing 100 messages in the last three hours. Even worse, though, is that I’m getting subscribed to all sorts of crap. It seems that a bunch of the emails in this spammers list are actually subscription emails, and instead of having “double opt-ins”, I’m getting automatically added to various subscription lists I have no interest in being a part of.
Comments on “Slammed By Spam Spoofer”
No Subject Given
Did he use a unique return address that you can filter on? I had this happen once (although not quite to this magnitude) and I put a forwarder on the mail server to bounce all the spam bouncebacks to uce@ftc.gov Probably a worthless effort but it made me feel better 🙂
One more thought – if you are getting signed up for crap it sounds more like somebody being malicious than just a spammer. Maybe you should look back at teh last few weeks of posts here on Techdirt, particularly at people who were less than polite about your comments.
Re: No Subject Given
Well, it’s now well over 200 emails in about 10 hours, and they’re still coming. I’m wondering just how long this will last.
One more thought – if you are getting signed up for crap it sounds more like somebody being malicious than just a spammer.
I don’t think it’s more malicious. What it is, is that the spammer has on their list some email addresses that are used for signups to lists. Those lists are are poorly configured, and just assume that any email is a subscription notice. It also appears to have a bunch of “feedback” email addresses, because a bunch of the emails I’ve been getting are “thank you for your feedback, we’ll get back to you as soon as possible”, and they’re all just the same spam.
Anyway, there is no way to filter it out. It’s using my main email address.
I’m wondering how long this will last.
Re: Re: No Subject Given
This might sound like a dumb question and I’m just spitballing here since I’ve never been in that situation but…
Have you managed to contact anyone who actually received the spam emails with your address spoofed?
I figure if you could get one example of the actual spam, with the headers, you could possibly (maybe) be able to track down the spammer somewhat and get him knocked off the net temporarily at least.
Re: Re: Re: No Subject Given
Have you managed to contact anyone who actually received the spam emails with your address spoofed?
Unfortunately, no. It seems that while the spammer is spoofing my address as the return address, he didn’t bother to actually send me the spam.
So, the only emails I’m getting are bounce messages.
By the way, I just checked my SpamCop filters, and they caught a bunch more of the bounce messages.
This is ridiculous. Every time I look at my email, there’s another 10 or 20 bounced messages.
Re: Re: Re:2 damn
damn…and none of the bounces quote the source message either I guess..
*sigh* well it was worth a shot…I feel for ya.
Re: Re: Re:3 damn
A few of the bounces quote the original spam message. It’s a fake “response” from someone named “Chris” to everyone saying that Chris was replying to their reply to Chris’s “online ad”. Then it points to a site for more info about Chris – that from the URL (which I won’t go near) looks to be a porn site.
Re: Re: Re:4 damn
Mike – That has been happening to quite a few people these days. It happened to a guy that runs a Mac news site today, and I think I saw it somewhere else as well.
Same rouge – “replying” to an online ad.
Goddamn spammers.
Re: Re: Re:4 damn
Someone did exactly the same thing to me last week with two different very similar fake ads – one linked to a site in Estonia (hot.ee) and the other with a site registered in the UK.
I got over 300 bounces but only fewer than 10 complaints. I asked the people who complained to forward the original spam but nobody did.
One of the admin messages I received showed that it was sent from 217.219.214.130, which doesn’t have a reverse DNS entry and a traceroute stops in Munich.
As of now, I have the affected email address disabled with an auto-reply message (it actually forwards to my hotmail account now and the bouncese seem to have slowed down, so I’ll probably reactivate that address in a few days).
Re: Re: Re:5 damn
Just a suggestion, but the IP abuse record is abuse@mail.dci.co.ir, you might want to email them with a complaint, not sure how good your Iranian is however….
I've got just the opposite
I went away for a few days and turned on my Out of Office Assitant in Outlook.
It proceeded to bounce back messages to everyone, including all of my daily subscription messages. All of those mailing lists bounced back messages saying “don’t send e-mail to this address”, which of course were bounced back by OOOA and then they replied back, ad nauseum.
Eventually Outlook decided that they were spamming me and has marked them all now as Junk Mail, yet when I try to go into the junk senders list to remove them, they’re not there! I’ve been through every filter option that I can find in Outlook, and can’t figure out how to convince Outlook that Daily Dilbert isn’t spam…
Arrggh… e-mail is getting to be more hassle than it’s worth!
Re: I've got just the opposite
if you got problems with outlook, then the best solution is to junk it and use eudora.
much better and less prone to all those viruses.
Re: I've got just the opposite
Outlook OOA should only reply one time per email address.(thus preventing recursive email communications) Sounds like you created your own custom rule to respond to emails.
spoofed email addresses.
If you figure out how to fight this, let me know. Someone has taken to using my email address as the “From” in a series of spam sendings.
Re: spoofed email addresses.
You might also have a friend who has his computer infected with a virus, which co-opts his address book and uses those e-mail addresses for the spoof “from” address. Check the header and see if your friend’s address is listed in the return path.
Re: spoofed email addresses.
Try sending and having your friends send mass mailings to the address and make it several pages of useless ramblings. Do this by putting the same address in the TO box say fifty times.
KrazyKyngeKorny
raykornele@ivillage.com
BugBear
Sounds like the mass-mailing worm BugBear has infected your computer. Scan your computer with the latest virus definitions. (Same thing happened to me.) See:
-g
Unwilling Spammer
Mike,
Your tale of returned mail strikes a sore chord on my board. This just started with me last week. I’m up to about 50 returns a day. Since I use a Yahoo account, it requires continual cleaning out to stay down to my 6mb level. It seems to have been several months for you. Did you figure out a solution, or do you have a new email address?
Re: Maybe this is it...
My computer was infected with the W32.sobig.F@mm worm that uses your email in a string of mass marketing emails. Check this out: http://www.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
Good Luck!
Re: Re: simliar experiences
Because I had the misfortune of knowing the wrong person I have had a great deal of experience with this sort of thing. Addresses have been spammed with thousands of identical emails from address than don’t exist. While I can block the the offending psuedo address within a day a different one will be spamming me. The people who do this also make a passtime of changing the passwords to AIM and forum accounts, so stopping this email spam would by no means be the end of my problems but it would certainly be a welcome relief. If any one can show me a way to find these people or the address this actually comes from it would be quite appreciated.
Re: Re: Re: simliar experiences
About a year ago I received a series of sinister emails saying that my web businees would be destroyed and that my email addresses would cease to exist. I received many of these emails each from address was my own web site email addresses.
Since then I have received hundreds of thousands of returned messages, mostly containing a virus.
All the originating (spoofed) addresses are from my own web sites.
I never send spam and I only send email from home. Once per month I send out a short email announcing my next ezine edition to 3500 opt-in subscribers. I send it from one web site. I never
send mail from any other of my 30 web sites.
Now whenever I send the monthly email, I get more than 2000 returned messages that have been intercepted by filters!
The person responsible for this chaos is achieving his goal. I wish I could find out who he was. I want to give him the name of a good psychiatrist & introduce him to the police.