Email Spammer Is Sending Me Mail Under My Own Name. What to

gamefowlworld · #1 (**permalink**) 10-31-2005, 06:27 PM

For about 2 weeks now I get 3 or 4 spam emails a day from this person (machine) or whatever.

I cant mark them as spam because they are somehow sending it using my own email address and if I did that I wouldnt get the emails I do want.

Meaning its comeing from myScreenName@dang.com and is being deliverd to mysScreenName@dang.com

Any Idea what I can do to get rid of whoever this is?

How are they sending them to me using my very own email adress?

Thanks

jmoran77 · #2 (**permalink**) 10-31-2005, 09:18 PM

Do you have a php sendmail active on your forum or website? Spammers can use this sometimes

gamefowlworld · #3 (**permalink**) 10-31-2005, 09:54 PM

Yes but its I think its all in the back end set up! Its only used to send out activaton links when persons register.

Any Idea On how to track who this is doing ths so I can stop it?

MuNKyonline · #4 (**permalink**) 11-02-2005, 04:21 AM

I'm getting this on my own website too. I've written my own php mail script for the contact form so I presume they are using that.

The e-mails are random though. And are more like hjfdhjkh@munkyonline.co.uk and the subject will be jkldjfklsfjkl too!

It seems to have died down a bit now but I was getting at least four e-mails a day!

I think someone said that people use this to somehow gain access through frontpage extensions on the server. I dont have this as my website is hosted on a Linux server so thats probably why they're starting to give up?!

jmoran77 · #5 (**permalink**) 11-03-2005, 01:34 AM

Maybe you can find the IP address in your log file and block the IP

shibili · #6 (**permalink**) 03-13-2006, 03:28 AM

Anyone can do this by using a mass mailing software. But since spammers usually send things in bulk, I think they will have some script only for this. I have an article posted on my blog about spamming. Do check it out!

weegillis · #7 (**permalink**) 03-15-2006, 06:29 PM

You might not be able to stop it coming into your inbox, but you can filter it once it's there. Just send any mail 'From %a' AND 'To %a' to the Junk Mail Folder or delete it straight away.

You might be able to trace it back to the originating IP in the Received From entries in the header. It should be the one closest to the Subject line. A quick scan of your server logs might yield a match. If so, review the page(s) served to that IP and eee if any of them give up a clue as to how your address was harvested.

If you haven't already, you may also wish to script all the private information on your site so it can only be opened in a browser, or at least make it that much harder to harvest. Well, from your site, anyway.

We wouldn't have spam if people would quit opening it. How badly must one need mail to be lured into the stuff floating around these days? How many people have their Send Receipt turned on, and worse, the reading pane?

These things invariably make one form of server call or another, usually by multiple avenues--Receipt, Dispostition, images. The best we can do is make sure we have the correct settings to disable these items. Sadly, on the grand scale few people do.

Your firewall can help you here. If stuff is getting through or being blocked, you can track down the IP traffic to and from your mail client. Anything you didn't click on, happened by itself. Now you know what to block, or restrict in some way.

With the proper safeguards in place, you can then set about creating a Trusted list that you can elevate to higher permission levels. Again, your firewall will be the key here, since that's where the real trust is established.

Then there is the last, and the best--the worst, actually--slyware on your machine. A good firewall, (like Outpost Firewall Pro, for instance) will put a complete stop to this, but if you have weak defenses private information may be leaving your machine without your knowledge.

Routine scanning for both malicious and innocuous software and tracking are a must in today's world. I can think of no better place to establish a first and last line of defense than the firewall. Track down those undesirable IPs and let the FW filter them, with no other program running in the background but an antivirus. The firewall's database is always going to be your best authority because it is right up to the second, and it is immediately user configurable.

Other measures may be the online filtering that comes with your mail account. You may be able to filter your mail before it arrives at your mail client. And as mentioned above, your mail provider may have an alternate SMTP port.

Easywebdev · #8 (**permalink**) 03-16-2006, 05:11 AM

You need to look at the full header of the email.
Are they just spoofing the from email field or are they actually sending via your forum.

If it is just that the from field is your email and the reply to is a different email then filter out the reply to email.

If its coming from your server then you have an open mail relay and a lot of problems to fix.

IcaruS · #9 (**permalink**) 03-22-2006, 08:14 AM

Hi,

In case you can access and configure your smtpd, i advice you using postfix, wich integrates native checks fighting well spam, especially strict rfc-compliant check.
A sample spam configuration can be found at http://www.revolsys.fr/postfix_nospam_sample.txt

cya :)