Surpass Web Hosting Forums - View Single Post - Spammer forging email from/reply to headers.

meephead · October 1st, 2006, 8:39 PM

I probably can't do much about this, but maybe someone can suggest a course of action I could take. Some unknown person is forging the from and reply-to email header addresses to my domain while spamming people with crap. The result is that I get a "Delivery Failed" type message every few minutes when he sends an email to a non existant account somewhere. The other down side is that it makes it seem as if I, or someone on my domain, is the actual spammer.

For now I turned off the catch-all email option so my inbox doesn't get flooded with this crap, but I'd honestly love to stop this person somehow. Sadly, there is nothing in the mail transfer data that would give me a hint on how to trace this back to him, the IPs and hostnames vary with every email so it's not easy to figure out. The only thing in there that makes me assume it's one person is the fact that the client and version number are identical in each failed delivery message I get.

Probably a hopeless case, but if there are any suggestions on what I could do let me know.

October 1st, 2006, 8:39 PM	#1 (permalink)
meephead Registered User Comfy Contributor Joined in Aug 2006 Hosted on SH103 106 posts Gave thanks: 3 Thanked 4 times	Spammer forging email from/reply to headers. I probably can't do much about this, but maybe someone can suggest a course of action I could take. Some unknown person is forging the from and reply-to email header addresses to my domain while spamming people with crap. The result is that I get a "Delivery Failed" type message every few minutes when he sends an email to a non existant account somewhere. The other down side is that it makes it seem as if I, or someone on my domain, is the actual spammer. For now I turned off the catch-all email option so my inbox doesn't get flooded with this crap, but I'd honestly love to stop this person somehow. Sadly, there is nothing in the mail transfer data that would give me a hint on how to trace this back to him, the IPs and hostnames vary with every email so it's not easy to figure out. The only thing in there that makes me assume it's one person is the fact that the client and version number are identical in each failed delivery message I get. Probably a hopeless case, but if there are any suggestions on what I could do let me know. __________________ [SH103] http://nemesia.org/