On Sat, 31 May 2003, Stephen J. Wilcox wrote:
Hi, seems some spammers are using one of my personal domains as the from field in their emails, the local-part being random so I cant easily block it.
Has anyone any advice on tracking them down and making them stop?
All I get are the bounces, some include the original headers but that usually gives an open relay as the origin.
I think I know the answer (you cant do anything) but I wanted to ask as its very annoying and I'm not happy!
man 8 syslogd, section "SECURITY THREATS", #5. You are being "joe jobbed". Your best bet is contacting a few of the sites that are likely to be a little more clueful and see if they can get you copies of the actual email in full from the recipient, spamtrap, or spam archives. This is happening more and more to the average joe. It used to rarely happen to Joe Blow off the street but was actually a common occurence to anti-spammers (wack-a-mole a spammer a few times and then get very... sad). There isn't much you can do about it. You might ask some of the lists that actually deal in spam or ask NANAE (new.admin.net-abuse.email) for further advice. Procmail is your friend, Justin