Slashdot Mirror


Protecting Your Small Domain from Spam Hijacking?

Black Cardinal asks: "I have a small domain which I mostly use to post family photos and some software. I also use it to manage a few e-mail addresses that my wife and I use. A spammer recently hijacked my domain name, using it to construct fake return addresses for sending spam (without actually cracking my host account), and caused a flood of undeliverable mail messages to be sent to my domain hosting service, which promptly suspended my account. At the moment it looks like I may never be able to have any @gelhaus.net e-mail again. What can I and my domain hosting service do now to protect their incoming mail servers and my account from this kind of attack, and how can I protect my small domain from this kind of hijacking and allow me to keep it running?"

"My domain hosting service, CubeSoft, has been a good host for my domain for the past three years, and they have been very helpful in re-enabling most of my account, but at the moment they don't want to re-enable my e-mail because of the flood of returned spam coming in (30,000 messages per day). Since the return addresses are all invalid (e.g. 'nonexistent_address@gelhaus.net'), I would think it would be simple to filter out all messages that aren't specific ones I've set up (e.g. 'valid_address@gelhaus.net'). I can't believe my domain is the first to have experienced this problem. It would be a tragedy to have to just shut down my domain because of this. CubeSoft says there isn't any way to prevent it because there is nothing that stops a spammer from using a fake return e-mail address. What have others with small domains done to protect themselves?"

4 of 103 comments (clear)

  1. You have the Michael Bolton problem by utahjazz · · Score: 4, Funny

    You need to change your domain name. Obligatory "Office Space" quote:

    Samir: You know, there's nothing wrong with that name.

    Michael Bolton: There WAS nothing wrong with it. Until I was about 12 years old, and that no-talent-ass-clown because famous and started winning Grammys.

    Samir: Why don't you just go by Mike, instead of Michael?

    Michael Bolton: No way! Why should I change it? He's the one who sucks.

  2. Re:Use SPF to protect against "Joe Jobs" by anthony_dipierro · · Score: 2, Funny

    If everyone uses SPF, it will cut down on spam and joe-jobs.

    Of course, if everyone would stop spamming, it would also cut down on spam.

    It's a good idea, but SMTP without SPF is far too integrated into our lives to eliminate any time soon.

  3. Eureaka! by rylin · · Score: 3, Funny

    It's simple really!
    All you need to do is get a *really* long domainname.
    For instance, would you expect any spam to originate from llanfairpwllgwyngyllgogerychwyrndrobwllllantysilio gogogoch.com?

    I think not!
    Yet I'm sure there's at least a postmaster account running there (and surely a real account or two, even if just for fun's sake).

  4. Re:get your ISP to change your MX record by Xunker · · Score: 5, Funny

    Then how will legitimate mail arrive?

    That still exists?

    --
    Hilary Rosen's speech was about her love of money and her desire to roll around naked in a pile of money.