Page 1 of 2 12 LastLast
Results 1 to 25 of 37
  1. #1
    Full Member
    Join Date
    January 18th, 2005
    Posts
    315
    Ugh! Is there any way to prevent people from doing this? They generally don't use any real email address - it's usually a bunch of letters and my domain (dfahi@mydomain.com, for example) and I only know about it from the bounces, which wind up back in my main email box.

    Surely some of you have had this dilemma - what do you do?

  2. #2
    affiliate emeritus missdonna's Avatar
    Join Date
    January 18th, 2005
    Location
    Torrance, CA
    Posts
    1,986
    It happened to me a couple of months ago. I didn't know what to do so I didn't do anything. Eventually it stopped.

    I told my hosting company, just in case there were spam complaints against me.

  3. #3
    Full Member
    Join Date
    January 18th, 2005
    Posts
    315
    Would I just tell the company hosting my site, or should I tell my ISP too (after all, aren't they are part of the electronic equation)?

  4. #4
    ABW Ambassador Andy's Avatar
    Join Date
    January 18th, 2005
    Posts
    4,178
    Janiss,

    Are you using FormMail? If you are using it to process forms, some versions have a security issue. Often it can be solved by renaming the script to something other than FormMail. Call it 197GXZ15 or something else that you can remember, but would mean nothing to harvesters.

    The same people sending out spam have their bots search for formmail.pl, formmail.cgi, etc., and then attempt to spam through the security gaps in that script.

    There's also a revised version that checks for the destination domain, which you hard code in the script. It won't send out anything if the domain's not the same. But, there are problems with this as well. As quickly as there's a patch, those d@mn spammers find a way around it.

    Renaming it should help quite a bit. [img]/infopop/emoticons/icon_wink.gif[/img]

    Andy

  5. #5
    Chick with Brains Tracy's Avatar
    Join Date
    January 18th, 2005
    Location
    Polk County, Florida
    Posts
    1,878
    I've been having this happen more and more lately. The last time I received three emails, each with a list of bounced addresses.

    I also received the spam email. So I forwarded all to my ISP. They never responded. My ISP is also my web host, but whoever did it used my ISP email address, not my website address.

    Janiss, I don't think there is any way to actually prevent somebody from doing this. It's a simple matter of changing names and addresses in one's email I account before sending.

    For example, I work for a chain of hardware stores, and we sell Nextel cell service. I created and maintain a website to keep all the Nextel associates in our company updated on Nextel information. When I've made an update, I used to send an email using my real name and address. Problem was, most of the managers at the stores didn't know me from Adam, and would delete my emails without even reading them.

    I use Outlook Express. Now, before I send out an email, I change the name and address to the CEO's name and email address (with his permission). Everybody reads his emails. It's so easy to do.

    I think the only thing to do is report these instances to your ISP and/or web host. If you get the email too, send that to them. There is going at the top that tells where the email actually came from. But, unless it becomes massive, I doubt they are going to take the time to investigate the perpetrators.

    Tracy

  6. #6
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Assuming your hosting company is not the same as your ISP, there will be no need to tell your ISP. It's a good idea to tell your hosting company though BEFORE they get deluged with complaints.

    Incidentally, any professional spam-hunter or anti-spam tool such as SpamCop will ignore the "From" address in the emails as being fake anyway and will instead target the relaying mail servers and originating IP addresses.

    The only people likely to complain to your host are amateur spam hunters who don't yet understand about faked addresses.

    However. here's a slightly more serious downside: really stupid system administrators may block mail coming from your domain because they're too stupid to realise that it's a fake (I know this from personal experience). This will only impact you if you try to email from your domain to one run by the stupid people.

  7. #7
    pph Expert! Gordon's Avatar
    Join Date
    January 18th, 2005
    Location
    Edmonton Canada
    Posts
    5,781
    I still have it happening to me. I worote to my hosts and this is their reply. [img]/infopop/emoticons/icon_frown.gif[/img] :mad:

    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Dear Sir/Madam,

    I have looked into the issue and I found that the domains .htaccess file is not correct. I have also looked into the email issue. I found that all the IP address in the mailer-log file are the same for that domain. I have noticed that code is not supported in the .htaccess file. If you would like us to debug the code it will be $150 and hour. If you have any further questions or problems please let us know.

    Thanks,
    <HR></BLOCKQUOTE>
    This was after expaining to them that my .htaccess file has been the same for over 12 months and it is only recently this has started to happen.
    Needless to say I am now transfering all my sites to THMedia.

  8. #8
    Full Member
    Join Date
    January 18th, 2005
    Posts
    315
    Andy,

    Well, I don't use formmail right now. It is part of a newsletter program I have, which I haven't used yet. The formmail, however, is an updated version, not the old one with the questionable security - my host updated it for me within a few days of my installing my script.

    But I don't think that's the problem anyhow - I've had this happen before and that was before installing the newsletter script. The first time it happened, I think my cgi-bin was totally empty!

    The advice about renaming it is an idea, though! [img]/infopop/emoticons/icon_smile.gif[/img]

  9. #9
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    Janiss,

    check here to see what your state's anti spam law states. For me, using false domain names and forged routing information to send spam is unlawful. If someone forges my email address on spam, then I should be able to file a complaint with my Attorney General's office. Are there may be some other catch in your state's law. Not a quick fix, but no harm in checking.

  10. #10
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Winterpeg, the Mosquito Capital of Canada
    Posts
    2,299
    I have had it twice in the past month or two.
    Is it the porno one that ends lets embarass the s**t or something to that effect? If so I would certainly like to find out if you track them down so mayber they will stop using my address too. Shaw.ca here won't do a thing to stop them as per my last e mail to them about it, so I may have to dig further.

  11. #11
    Full Member
    Join Date
    January 18th, 2005
    Posts
    399
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by BestLittleFreeHouse:
    Janiss,

    check here to see what your state's anti spam law states.
    <HR></BLOCKQUOTE>

    I counted 26 states, that's not good at all, and most of those have pretty lame rules. Like only against the rules if sent within or to the state or "if the sender knows that the recipient is a XXXXXXXX resident" - HA! As soon as a spammer opened his mouth in court the judge would know the guy didn't know anything about anything.

    We need a federal law with none of that opt-out garbage (you cannot unsubscribe if you never subscribed).

    And none of that "ADV:" preface garbage either.

    I'm embarrassed to see Arizona isn't on the list at all. Then again, I don't think anybody in this state has ever gone to jail for shooting a trespasser . . .

  12. #12
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,279
    You're possibly also being affected by the Klez virus (you're not infected, other people are). I still get 40-50 Klez virus emails a day.

    One of the things Klez did was pick up email addresses from the infected person's computer -- both their address book and cached web pages (so if they visited your web site and your email addy is on it...). Once Klez had the addresses, it would use the infected person's mail to send out scads of emails that looked like they were FROM the addresses it picked up.

    If the bounced emails you are getting are 100-150K, I'd guess that's part of the problem. And there's not a whole lot you can do about it. [img]/infopop/emoticons/icon_frown.gif[/img]

  13. #13
    Full Member
    Join Date
    January 18th, 2005
    Posts
    315
    Thanks for all the input so far, everyone! Cedric, no it's not the Klez virus - the emails are just 1 or 2K. And they aren't porn, either (at least not this batch). As a matter of fact, here's what they're pushing:

    "we have Revolutionary software for light-fast anonymous bulk e-mailing for YOU

    Written in highly effective C programming language, this program will enable you to send email messages as fast as you have never realized to.
    Up to 7,000,000 sepatate messages per day [from ordinary dedicated server] delivery can be reached. Built in proxy support (SOCKS and HTTP) guarantees your privacy - no one will know the address of the server you're sending messages from.
    No CC: or BCC: using - only real email messages!"

    Maybe they're using their own tool to send these things out?

  14. #14
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Canada
    Posts
    1,650
    I am experiencing the same thing too; exact same message as Janiss. Someone is forging various scrambled addresses at one of my domains as their reply address so bounced messages end up at my catchall address.

    No idea who's doing it ... I don't have the techie skills to track this down.

    Make sure your host knows you have nothing to do with it.

  15. #15
    Full Member
    Join Date
    January 18th, 2005
    Posts
    399
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by buckworks.com:
    Someone is forging various scrambled addresses at one of my domains as their reply address so bounced messages end up at my catchall address.

    No idea who's doing it ... I don't have the techie skills to track this down.
    <HR></BLOCKQUOTE>

    No need for the techie skills, paste one into spamcop and let it find the real sender.

  16. #16
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originallly posted by jaybat:
    I counted 26 states, that's not good at all, and most of those have pretty lame rules<HR></BLOCKQUOTE>

    I agree that the laws against spam are far and few between and generally not very effective. [img]/infopop/emoticons/icon_frown.gif[/img] I'm also not sure how up to date the list is. I see that New York is not on the list, but I remember reading about a huge case brought against a super spammer by the AG of New York. There does need to be better legislation (and more importantly enforcement), unfortunately it doesn't appear to be a priority with lawmakers.

    Janiss and bucksworth, you can run one of the bounced emails, with the headers included, through spam cop and it will give you the originating ISP to help track down where it's coming from. Also basically whatever the URL in the email is (unless it's an affiliate URL or a third party advertising company. Unfortunately, there really isn't much you can do about it. Same thing happened to my brother recently.

    I was actually getting some bounced messages for awhile that really weren't bounced. They were spam hidden in the bounced format. Guess they figured you would open it to see what email you sent didn't make it through. :mad: When I checked the headers carefully, I realized it wasn't bounced email at all. scum, scum, scum is all I can say. Isn't it fraud to represent yourself as someone else? I don't understand why there has to be a specific law for doing this with email.......

  17. #17
    Full Member
    Join Date
    January 18th, 2005
    Posts
    399
    "I remember reading about a huge case brought against a super spammer by the AG of New York."

    They may have brought it under something more generic, like fraud or theft of services - fine by me, more likely the spammers will get hit with womething severe if they lose.

    "Janiss and bucksworth, you can run one of the bounced emails, with the headers included, through spam cop and it will give you the originating ISP to help track down where it's coming from. Also basically whatever the URL in the email is (unless it's an affiliate URL or a third party advertising company."

    Why unless? Complain to the host of the third party - complain to the host of who they're advertising - and no, this won't get me any votes here but complain to the merchant and be sure to send along the aff's ID.

    I would feel NO guilt whatsoever over an affiliate losing his commissions as a result of spamming. At best, it was a case of ignorance is no excuse.

  18. #18
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Why unless? Complain to the host of the third party - complain to the host of who they're advertising - and no, this won't get me any votes here but complain to the merchant and be sure to send along the aff's ID.
    <HR></BLOCKQUOTE>

    Guess I didn't phrase that well. I meant don't report to the merchant's ISP. It would be very appropriate to report to the merchant with the aff's ID and/or the affiliate network, if one is involved. I don't see why that statement would make you lose votes here. When other affiliate's spam, they are potentially stealing revenue from those of us who market in an ethical way.

  19. #19
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    SpamCop will automatically report for you (and it will dig the addresses out of the emails). If it's referencing a website, try SamSpade to do some digging and complain to their host.

    Better still, why not post the whole thing here, headers and all (you can always remove your own email address, we don't need that) and we can see what we can drag up? Could be fun!

  20. #20
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    637
    This is going to be a technical fix, not government. There are already laws on the books for fax spammers and I still get 2-3 per day. It's a huge pain to gather all your info, file a lawsuit, etc.

    The reason they are using your return address is to try and thwart the spam filters. One of the things many hosting companies and ISPs are trying is adding filters and lists to compare spam to. For example, they might do a quick check to see if the from address really exists (as it's shown in the spam) If the address is bogus, they know right there, it's spam and delete it. So the spammers countered with using names from their list as the from address. In addition they do it randomly now. So my email address is both a to and from on some spams. Great. [img]/infopop/emoticons/icon_frown.gif[/img]

    On the bright side, most hosts offer filtering. I know we do. Again, it's a pain, but some spam is just to easy to spot, you can cut down on it. For exmample, I've never seen anything but spam come from china.com. So all email with china.com anyplace in the headers is gone. Same for many others. You have to be careful and only insert the right info in the filter, otherwise you could be filtering legitimate email. But using spamcop (http://spamcop.net) and email encoders (http://www.siteup.com/encoder.html) you can reduce the spam. What the siteup encoder does is convert your email address to hi ascii characters which spammers don't read. So when you put your email address on your webpages, the harvesters don't see it, but your customers do. It works great. (there is a bug in it, tho, if your address has numbers in it. You'll have to edit the code it sends to manually. But otherwise it works.

    There are other services out there too. One you DONT want to use is mailshell. They are cons. They ripped us and probably others at CJ off on their bogus affiliate program. Stay away from them.

    Hope this helps!

  21. #21
    Full Member
    Join Date
    January 18th, 2005
    Posts
    399
    I have to point out one drawback of Spamcop (not really a drawback as much as something to be aware of). I metioned this a LOONG time ago so I'll repeat.

    Some of the professional spammers are situated that their hosts couldn't care less - they just want the money, so complaining to them does no good.

    If a spam from (making all this up) www.spammers.com uses a link in the email like www.spammers.com/redir?1234567 then you you won't accomplish anything by filing spam complaints according to spamcop (assuming para one is also true).

    You have to bite the bullet and click that link to find out who is *really* being advertised in the spam. There may be enough code in their redirect to tell them you're a live one, but if you want to complain to a merchant it's the only way to find out who the merchant is.

    And DO complain to the merchant's host - it may be the only way to get their attention if it's a fluke, and if they routinely hire spammer affiliates, it may get them booted too (obviously I'm not talking about such as Amazon here, I'm talking about the ink cartridge/credit check/credit card kind of places).

  22. #22
    Full Member
    Join Date
    January 18th, 2005
    Posts
    480
    FORMMAIL, including the "new" one is NOT secure. The new one can be just as easily spammed as the old one.

    1) Rename formmail to something else.

    2) Go to http://www.ctssn.com/linux/formMailFix.html and do the fix.

  23. #23
    Full Member
    Join Date
    January 18th, 2005
    Posts
    480
    The spammers do not have hosts that care. Reporting is next to useless. The only time it is useful is for NOVICE spammers. It may scare them into stopping.

    Spamcop is excellent at filtering spam and WELL WORTH the 3 dollars a month. They also filter computer viruses.

    If you are looking at fighting back, take a look at http://www.spambattle.com/

    That is the only thing that really works.

  24. #24
    Full Member
    Join Date
    January 18th, 2005
    Posts
    399
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by Witness:
    The spammers do not have hosts that care. Reporting is next to useless. The only time it is useful is for NOVICE spammers. It may scare them into stopping.<HR></BLOCKQUOTE>

    One of the reasons to complain to the advertiser's host in addition. They're less likely to have a pro-spam hosting service (not necessarily, but it's another chance at accomplishing something).

  25. #25
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    OK Moo dig away. [img]/infopop/emoticons/icon_biggrin.gif[/img]

    Return-Path: <kjrmproductorservice@email.com>
    Received: from 12.34.32.110 ([62.90.8.146])
    by callisto.wwwnexus.com (8.11.6/8.11.6) with SMTP id g7DIRYv28931
    for <thisisme@mydomain.com>; Tue, 13 Aug 2002 13:27:35 -0500
    Message-Id: <200208131827.g7DIRYv28931@callisto.wwwnexus.com>
    Received: from smtp-server1.cfl.rr.com ([5.151.138.187]) by rly-xl04.mx.aol.com with esmtp; Aug, 13 2002 12:49:33 PM -0200
    Received: from 152.74.145.157 ([152.74.145.157]) by hd.regsoft.net with esmtp; Aug, 13 2002 12:00:50 PM -0000
    Received: from unknown (77.222.200.106) by rly-xw01.mx.aol.com with SMTP; Aug, 13 2002 11:08:32 AM -0000
    Received: from [190.198.219.49] by a231242.upc-a.chello.nl with QMQP; Aug, 13 2002 10:03:49 AM -0800
    From: "bdijTerrence O'Brien" <kjrmproductorservice@email.com>
    To: Jim@callisto.wwwnexus.com
    Cc:
    Subject: NEED SPAM-FRIENDLY HOSTING?
    Sender: "bdijTerrence O'Brien" <kjrmproductorservice@email.com>
    Mime-Version: 1.0
    Content-Type: text/html; charset="iso-8859-1"
    Date: Tue, 13 Aug 2002 13:19:03 -0400
    X-Mailer: Microsoft Outlook Express 6.00.2600.0000
    Status: O

    Do you feel that it should be your right to decide how you promote your website?

    Has your web hosting company asked you to stop advertising with spam or even disconnected your site for using bulk mailing to promote it?

    Why are you still letting hosting companies bully you around?

    spam is NOT illegal as long as there is a way for recipients to remove themselves in your message. A small group of anti-spam activists with loud mouths are trying convince you that it is in order to take away your right to inexpensive, effective advertising. Usually these anti-spam activists are in fact companies hired by the big corporations who are trying to monopolize the online marketing industry. Claim your right to free advertising today!

    We'll host your site without the fear of EVER AGAIN being disconnected for using spam. We believe it's your choice how you market your business and nobody should have the right to interfere with your private affairs.

    You will enjoy sites that STAY UP 98% of the time or your money back!

    Please take me to your site now!
    (http://www.bulletproof-hosts.bi@9-fd...o.php?id=1101P) This is the link from the source code. It was an HTML email.

+ Reply to Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. How to stop the SPAM email
    By Jane in forum Midnight Cafe'
    Replies: 10
    Last Post: July 26th, 2003, 01:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •