forged emails

magic_majax · #1 (**permalink**) 11-10-2005, 01:37 PM

Hi,

I have a problem of sorts - someone is forging emails from my domain - my old isp was kind enough to set up mail forwarding so that anything @ my domain name is automatically fed to my free account.

The other day I got an inexplicable message from someone wanting to be added to msn (which I don't use). It looks as if it was a fragment of a forums or other conversation.

I replied that I don't use MSN or any IM and said I had no idea what they were talking about. I've heard nothing since from that party.

Since then though I've received two emails, one to admin @ my domain another to info @ mydomain - someone appears to be trying to find an address they can fake or something.

I've updated my index page to conspicuously announce that forgery is in process, also mentioned that i almost never contact strangers on the internet.

What steps, if any, should I take next, and how to go about it? The motive of this person may be intellectual property theft, to defame me, or perhaps just claiming my stuff as their own for "kudos".

Maybe they just want to annoy me?

I'm aware that email forgery isn't very complex at all and I'm not particularly scared on the "techie" level but I don't know how to tackle this.

netman4ttm · #2 (**permalink**) 12-05-2005, 10:27 AM

This is not a cure all. But at least the spam lists use it so it will help.
http://www.openspf.org/
The sender policy framework is fairly simple and if you have control of your name servers they have a wizard for setting up the dns records.

magic_majax · #3 (**permalink**) 12-05-2005, 11:10 AM

Thanks for the thought but I don't control any mail servers, I use free web space that came with my dial-up and mail-forwarding (incoming only) that came with my domain name. I never actually send mail from my own domain, just a free yahoo account.

I think it would be fairly easy to subvert that system anyway, using sendmail.

I haven't had any faked mail for a couple of weeks, putting up the message on the index page and ignoring the troll seems to have done the trick.

I certainly haven't heard anything from anyone else in response to forged emails, I think I may be their only recipient. I think it's simply trolling aimed at me.