kevin

We all hate spam...well I hope you all do. I get a lot of returned email to a domain name that I own and that is hosted on Surpass. Most of the mail states things like user not known etc. The originator of the email is someusermydomain.com. someuser does not exist and is often something like ahgedfremydomain.com.

An educated guess is that it is mail originating from a spammer that is faking someusermydomain.com to send out mail.

I've always thought that this would be impossible to stop, but the other day I came across a website http://www.openspf.org/ that says that having a SPF record in my DNS zone would help beat it. It was a report from http://www.dnsreport.com/ that lead me to this. Check your domain name and look under Category, Mail;
Test Name, SPF record. All my domains hosted at Surpass give the same warning.

Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

http://www.openspf.org/ have a wizard to help in getting the correct entry to add to a DNS zone. However I don't have access to the DNS zone.

Does anybody have any experience with this? Would surpass be prepared to experiment with me on this? I can give a little used but highly spammed domain name to play with.

Email me at kevina2zpattaya.com

__________________
http://www.a2zworldwideweb.com/
pass87.dizinc.com (66.7.201.232)

kevin

I'm very disappointed in the lack of response on this subject. Even Supass failed to respond.

I can only conclude that you are all spammers.

I have been attacked and am currently downloading over 200 returned emails sent by someone who faked my email address.

Please lets work together to fight this.............

__________________
http://www.a2zworldwideweb.com/
pass87.dizinc.com (66.7.201.232)

H

Aww, we're all spammers. One big, happy spamming family. Right... I hope you considered that many of the people on this forum don't have a heck of a lot of experience with DNS, nevermind the SPF part of it. I'd say 9/10 people would have to do research to do anything more than change the DNS servers.

And from what I've read, it doesn't necessarily stop someone from sending an e-mail faked as your domain. It only gives mailservers something to check when receiving mail. Not all will do it.

I see no mention of a support ticket in either of your threads. You might want to start there as my guess is they'd likely have more knowledge about DNS than the average client.

demontech

You can always forward the email in question to their service provider.
And hope that they take action against it. You can lookup the domain name here:
http://www.demontech.net/mod.php?mod...=&ord_prod_id=

I normally report the most of the spam i get. Sometimes they respond and take action. Sometimes they never reply.

__________________
Sincerely,
Demon

High Quality Hosting Service Provided By
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Einstein

I'm very impresses by this SPF ... if everyone used it then SPAM would be reduced.

kevin, what type entry was you thinking off? I want to test this out, but want some comments about the issue. Is this IN TXT "v=spf1 a -all" OK?

__________________

The secret to creativity is knowing how to hide your sources. - Alber Einstein
Centi: ykkosrasti.net
My sites on Pass38, reseller: kimslotte.net|mtb-o.net|perhekuvat.net|nettikuvat.net|tiedostotila.net
About me

miakeru

You're absolutely right.

SPF records do NOT (usually) fix anything. The only thing that they can do is allow you to easily identify spoofed e-mail, not prevent it.

A spammer can easily send out spam that looks like it's coming from your domain with or without an SPF record. With the record in place it just allows people to easily identify (with mail servers set to interpret the record) your e-mail as legitimate. It doesn't flag the spam that's being sent out at all, so the only difference it makes is that you're address says "Hey, I'm the real one."

Think of if this way. Let's say you have a twin brother... the both of you look exactly the same, but you're wearing something different. You've got this button on your shirt that says "I'm the real Kevin." -shrugs-

SPF records are generally useless as they're not yet widely adopted.

You can't stop someone from spoofing your address.

Einstein

But by adding an SPF record is one step into the correct direction.

__________________

The secret to creativity is knowing how to hide your sources. - Alber Einstein
Centi: ykkosrasti.net
My sites on Pass38, reseller: kimslotte.net|mtb-o.net|perhekuvat.net|nettikuvat.net|tiedostotila.net
About me

miakeru

Not entirely. Mail servers must be set up to interpret and handle the records, and most don't. While you may be using the record if the server that receives the message isn't set to do anything with it, there's no benefit.

To get SPF more attention, people need to write in to their ISPs and web hosts and ask that it be implemented. As the OpenSPF site states "... IP-address-based reputation systems like Spamhaus or SpamCop have prevailed so far..."

The great thing about IP-based reputation systems is that they can generally bet set up without much (or any) interaction with server administrators. While a package like SpamAssassin must be installed by them, it's up to the user to configure it to use certain blacklisting services and to set up levels of protection. It works fantabulously well.

jonr

I see that Hotmail has started to block emails from one of my domains, since I guess they are getting alot of forget From: addresses with my domain. This is very annoying, should I ask surpass to add a SPF line in my dns?

__________________
Hosted by surpass on sh104: 4-3system.com hhr.is
arena.is ° Get Firefox