Protecting Your Small Domain from Spam Hijacking?

← Back to Stories (view on slashdot.org)

Protecting Your Small Domain from Spam Hijacking?

Posted by Cliff on Tuesday August 26, 2003 @09:30AM from the autoreplies-should-check-the-"Received"-header dept.

Black Cardinal asks: "I have a small domain which I mostly use to post family photos and some software. I also use it to manage a few e-mail addresses that my wife and I use. A spammer recently hijacked my domain name, using it to construct fake return addresses for sending spam (without actually cracking my host account), and caused a flood of undeliverable mail messages to be sent to my domain hosting service, which promptly suspended my account. At the moment it looks like I may never be able to have any @gelhaus.net e-mail again. What can I and my domain hosting service do now to protect their incoming mail servers and my account from this kind of attack, and how can I protect my small domain from this kind of hijacking and allow me to keep it running?"

"My domain hosting service, CubeSoft, has been a good host for my domain for the past three years, and they have been very helpful in re-enabling most of my account, but at the moment they don't want to re-enable my e-mail because of the flood of returned spam coming in (30,000 messages per day). Since the return addresses are all invalid (e.g. 'nonexistent_address@gelhaus.net'), I would think it would be simple to filter out all messages that aren't specific ones I've set up (e.g. 'valid_address@gelhaus.net'). I can't believe my domain is the first to have experienced this problem. It would be a tragedy to have to just shut down my domain because of this. CubeSoft says there isn't any way to prevent it because there is nothing that stops a spammer from using a fake return e-mail address. What have others with small domains done to protect themselves?"

5 of 103 comments (clear)

Min score:

Reason:

Sort:

As long as email isn't replaced... by lightspawn · 2003-08-26 09:38 · Score: 5, Insightful

by a secure protocol, I doubt very much anything can be done to protect against what is essentially a DDoS attack (which is, of course, a mere side effect of spam). But nobody seems interested in a modern-day email alternative. Whenever something bad happens, it's always the bad guys' fault, right? Remember, we don't need security, just a world with no bad people.
1. Re:As long as email isn't replaced... by Anonymous Coward · 2003-08-26 15:10 · Score: 2, Insightful
  
  I'm interested in cruise missles and seal teams as a viable spam solution.
  
  If the spam comes from china, find their mailservers, routers, and even fiber links, and solve the problem in the most american way I can think of. Hot, fast lead. If it comes from florida, really with that state why aren't we testing our nuclear stockpile there instead of wasting valuable cpu cycles that could be running doom III? Russia? Disperse some anthrax, and leak a story about how some dumbass russian researcher trying to suppliment his income with spamming forgot to ductape a bioweapons cabinet shut when he was done.
MX Trickery by sporty · 2003-08-26 09:41 · Score: 5, Insightful

Well, why not kill the MX for your normal domain and simply use a subdomain for a while (maybe, me.mydomain.com vs mydomain.com. At least then, all bounces won't resolve, and you can have your domain back.

--
-
ping -f 255.255.255.255 # if only
You're smart... by anthony_dipierro · 2003-08-26 09:51 · Score: 2, Insightful

At the moment it looks like I may never be able to have any @gelhaus.net e-mail again.

Since the return addresses are all invalid (e.g. 'nonexistent_address@gelhaus.net'), I would think it would be simple to filter out all messages that aren't specific ones I've set up (e.g. 'valid_address@gelhaus.net').

See that, you answered your own question. Just block invalid addresses.

I've had this happen before to my domain, and eventually it died down. If it doesn't die down for you maybe you could track the spammer down and sue her.

Any sane protocol would never suffer from this problem. Yet people still claim that email is not broken...
what would happen if... by bmac · 2003-08-26 17:10 · Score: 2, Insightful

(as I have done) instead of using your webhosting service's free email service, you just use a yahoo mail account? I don't think (tho I may be wrong) that yahoo would react the same way a normal webhost would because a) they should know that I at least didn't send all those spams from my account, and b) they probably filter a friggin' billion spams a day already.

My general opinion is that a division of labor should be kept between web page hosting and email hosting, even tho, of course, the server is designed to handle both services; perhaps the cost of setting up one of those 100M yahoo email accounts may be justified. The Chinese say "pay a lot, cry once" -- perhaps this is a side effect of the 'free pop emails' that hosting services always offer.

It's also *really* nice to be able to access your email from anywhere in the world (yeah, I know you can access your pop from anywhere, too, but it's definitely more of a pain). That, combined with need to never spam your contacts with a new email address (tho that's what the old Napster guy's working on now) every time I change ISPs.

Of course, none of the spam horseshi*t is going to change until email accounts only receive email from address on "the list". Come programmers! I've got enough shtuff to do already -- I don't have time to write that (relatively) simple application :-)

May the Peace & Blessings of our Creator be with you all,
bmac

Your life will change within minutes of seeking to deliver your spirit back to our Creator within your lifetime -- www.mihr.com