Hi, I figured this would be the best place to ask this. I keep getting bounce backs from people who are getting spammed. The thing is, the spam looks like it is coming from my URLs! This is why I'm getting the bounce backs. I don't know if they are spoofing the email or found a hole in my email program. Just to clarify, a spam message gets sent to but it looks to joe that the spammer is from . I'm on my own dedicated server so I look for "uyl" as a mail id under plesk and see nothing. Any ideas? Is there anything I can do about this? This person is doing this from two of my sites and he/she must be sending out hundreds or thousands of messages a day. Thanks so much to anyone that can help with this. I am getting emails back from people saying not to spam them. I would hate for my sites to get blacklisted for spam when I don't even send out emails!
Check out SPF and publish an SPF record. In cases like this, it is best to advise with a small note on your site about the situation - It goes a long way!
How would one go about "checking out my SPF"? I believe I too am having some spammer using my site. to spam people because I keep getting bounced emails back to me allegedly sent through my domain here is an example: The original message was received at Fri, 24 Nov 2006 01:25:35 +0800 (MYT) from localhost.jaring.my [127.0.0.1] ----- The following addresses had permanent fatal errors ----- <akamari@mbox.jaring.my> (reason: Mailbox Full ) ----- Transcript of session follows ----- maildrop: maildir over quota. ******************** MAILBOX FULL ******************** The mail has not been delivered to the recepient because that mailbox is full Please try again at a later time ******************** MAILBOX FULL ******************** 550 5.0.0 <akamari@mbox.jaring.my>... Mailbox Full Code (markup):
howto SPF see the original site http://www.openspf.org/ it is a record ( TXT entry ) in your NS that YOU normally add if you have your own server - just for you and only ONE mail server / one domain as sender then make your SPF record as restrictive as possible the one i have is the maximum I know = means ALL - 100% of all mail - is sent only thru ONE single mailserver/domain such record added INTO your NS would look like (for my own NS on my server and for all other NS as well ) your_domain.com. IN TXT "v=spf1 a mx -all" the key difference is the quoted part 3 levels of sender "purity" known - highest level first lowest last - top to bottom: "v=spf1 a mx -all" "v=spf1 a mx ~all" "v=spf1 a mx ?all" if OTHER ppl have a mail account they have to be aware that with top level above they NEVER should send mail OUT using their ISP-smtp server else you break your own rule by having mail from ANY server using your domain name as sender like the spammers do if you want to see spam mail and study the mail origin always see FULL headers of an email if you use postfix study the options to filter non-authoritzed ... see http://www.postfix.org/postconf.5.html be as restrictive as possible just make sure you still get valid mail into and out of your mail box