domain names

hi all i know this might sound a bit silly , i've got my own domain name and i keep getting emails sent by someone using it.exp juhdr @ joeblog.co.uk joe blogs being my my domain name purple cloud think this to be normal but i coun't see how someone can just put a load of jumbled up letters in front of my domain and send them to my full address , i've only got one email address registerd to my name and so has the wife shes getting them to and since we've been with purple cloud were both getting hundreds of spam emails witch we didn't get with one and one, If they like they can send abuse letters and threatening and porn emails and i'll be held responcible sorry its a bit long winded but hope you can understand what i'm saying thanks

Grahame

since we've been with purple cloud were both getting hundreds of spam emails witch we didn't get with one and one

I get hundreds of spam e-mails to my 1&1 account (mostly for fake watches and "increase your xxxxxx").

If they like they can send abuse letters and threatening and porn emails

Welcome to the internet.

and i'll be held responcible

Why?
Nobody will hold you responsible for junk e-mails that get sent to you.


Can't you just set up the filters/rules in your e-mail reader (e.g. Outlook), to automatically stuff (into a spam folder) everything that's not sent to your specific e-mail address?

In reply to:

---

Can't you just set up the filters/rules in your e-mail reader (e.g. Outlook), to automatically stuff (into a spam folder) everything that's not sent to your specific e-mail address?

---

Either that or move to a another hosting company - one that has some decent spam filters set up on its shared accounts. This will probably cost you more and won't eliminate the problem completely, but it will almost certainly reduce the volume.

The best way I've found to combat spam is to use an automatic white list with manual blacklist.

I have a wildcard alias so that anything that matches the criteria gets forwarded to a single account. That allows me to give every contact an address that's unique to them. This has two advantages:

1.I can identify the sender.
It's not reliable to use the 'From' field to identify a sender (note to the OP there) but if I get an email addressed to "[email protected]" then I know that it was sent by Tesco or that they have leaked their mailing list.

2.I can block the address.
I can create a manual block on "Me.Tesco" and stop the [censored]. I can then notify Tesco and tell them to start using "Me.Tesco1".

This system has served me well for many years. I've had to block nearly a dozen addresses in over six years. For some reason 2007 was a bad year - I had to block four or five addresses and even block the generic address "Me@..." but it's still a rare day when I get any spam and I can put an immediate block on it.

FWIW the setup I use for this is I use my domain provider's email server. They arrange for anything sent to my domain to go into one account. I then run my own mailserver (VPOP3) which pulls everything down and sorts it according the wildcard and blacklist.

Of course I could remove my domain provider from the equation but this way I don't need to run my mail server 24/7 and can create blacklists for the worst offenders at the domain end so that the spam doesn't eat into my bandwidth.

Edited by Andrue (Wed 26-Mar-08 09:36:00)

You need to check what the mail system does with email to accounts you have not created e.g. I want stuff to andrew@ but obviously stuff to and123@ is useless and binned, but many systems will automatically deliver this to the master account

This is a fairly common thing and the headers of these emails should show it is not you sending them.

Domain names get many thousands of spam emails like this.

I'm slightly confused. Do you mean they seem to come from your domain and also to your domain, which has been know - there was a thread a couple of months ago where someone found he seemed to be sending porn email to himself.

More likely you mean someone untraceable is sending stuff to random names at your domain.

I get no spam at all from Purple Cloud, and have used their domain/email for 13 months with no problem. Someone has got hold of your address and to do what they are doing is easy. WIth my previous email supplier, (my ISP at the time), someone got hold of an address that I had only given to Microsoft!!, and exactly this happened.

Anyway, if you go into your Control Panel at Purple Cloud and then (Services) Mail, (Tools) Preferences, you will see there is an option as to what to do with "Mail to non-existent user". Yours is probably "Forward to default address" then a radio button and your main email address.

Click the "Reject" radio button instead, then click OK. It takes a while to update - says Please Wait - then returns to the screen one level up that you came from. Then just log out.

thanks everybody for your replys will have to get a good spam filter in place, was just shocked to find out that anybody can send emails with my domain name, thanks again

Grahame

Ah, it wasn't clear from what you posted what you meant.

The issue of faking the 'from' header is an annoying one. In the original mail standard it is just a text field and can be set to anything the sender wants. In effect it's like the sender of a physical letter being allowed to apply the postmark.

It is still just a text field (which is why my system uses the 'to' field) but there are a couple of systems in place to verify it. The one that I think is more popular is SPF. With SPF the receiving mailserver performs a domain name check to find out if the sending machine is allowed to send email from that domain. This doesn't prevent spammers from faking the 'from' address but does allow the receiving server to reject the mail - in effect detect the forgery.

For more information: http://en.wikipedia.org/wiki/Sender_Policy_Framework

Unfortunately this system relies on the recipient performing the check. It therefore doesn't stop people forging your address - it just provides a mechanism for those that care to check if they can be bothered. You might want to talk to your domain provider about SPF as they should be able to set you in a few minutes.

Edited by Andrue (Thu 27-Mar-08 09:10:45)

In reply to:

---

In effect it's like the sender of a physical letter being allowed to apply the postmark.

---

more like being able to write any address on a letter or any "return to sender" address on the envelope.

I'm getting more confused.

Has it now been established that the emails he is receiving appear to have been sent from his own domain? I'm not sure it has, even though he appears to say so.

If it has, then presumably it is arising from a user of an unknown, (to us at the moment), ISP and nothing to do with the OP's domain provider. It is the spammer's email provider that needs to implement SPF isn't it?

All the OP can do is stop himself receiving them with Purple Cloud's settings as already described by me.