Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    Lounger
    Join Date
    Jan 2011
    Posts
    35
    Thanks
    8
    Thanked 0 Times in 0 Posts

    Is having my email address spoofed a problem?

    Hi Fellow Loungers,

    I have my own domain, website and three active email addresses.

    Just recently I have been receiving multiple emails to one of these addresses, from postmaster@ or mailer-daemon@ advising of undeliverable emails. Looking at the emails, they are always spam, and my email address has been spoofed as the ‘return’ address.

    I am not involved in sending any of these emails and even after changing my web server domain password and the particular email password, these ‘bounces’ keep occuring.

    While many of the original emails are in English, others are in Dutch, Spanish, German, Italian, Portuguese and even Chinese.

    I am concerned that my email address may be ‘black-listed’. Is there anything I can, or should do?

    Dennis in Melbourne
    Ban shreded cheese so America can be grate again!

  2. #2
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,645
    Thanks
    147
    Thanked 884 Times in 845 Posts
    When changing the password doesn't work then it will be best if you contact the email provider.

    These are the links for Gmail and Outlook -

    https://support.google.com/mail/answer/50270?hl=en

    https://support.office.com/en-gb/art...rs=en-GB&ad=GB

  3. #3
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,735
    Thanks
    95
    Thanked 130 Times in 127 Posts
    Contact the ISP/email provider quickly, your email address certainly can be banned by several ISPs. Being spoofed was not your fault, however, if not acted upon i.e. reporting such to your ISP/email service, such certainly can become your problem, big time. Thankfully, most spoofs die off over time.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  4. The Following 2 Users Say Thank You to RolandJS For This Useful Post:

    Dennis Wright (2016-11-17),Lugh (2016-11-19)

  5. #4
    Lounger
    Join Date
    Jan 2011
    Posts
    35
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Sudo15 View Post
    When changing the password doesn't work then it will be best if you contact the email provider.

    These are the links for Gmail and Outlook -

    https://support.google.com/mail/answer/50270?hl=en

    https://support.office.com/en-gb/art...rs=en-GB&ad=GB
    My host, (and email provider), is Just Host, my domain is irishtype3dna.org and I use Mozilla Thunderbird as my email client. I have contacted Just Host and they merely suggested changing passwords, which, I have found, made no difference ... I am still receiving bounced messages.

    Am I correct, that if someone wants to spoof the sending address, they can enter anything they like ... they don't have to have access to that account, do they? They are just entering a legitimate address, mine.

  6. #5
    Lounger
    Join Date
    Jan 2011
    Posts
    35
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by RolandJS View Post
    Contact the ISP/email provider quickly, your email address certainly can be banned by several ISPs. Being spoofed was not your fault, however, if not acted upon i.e. reporting such to your ISP/email service, such certainly can become your problem, big time. Thankfully, most spoofs die off over time.
    Thank you, at your suggestion I have sent a message to my ISP (Spintel in Melbourne), who will call me in the morning to discuss.

  7. #6
    Star Lounger
    Join Date
    Dec 2009
    Location
    Carlisle UK
    Posts
    70
    Thanks
    20
    Thanked 9 Times in 7 Posts
    Quote Originally Posted by Dennis Wright View Post

    Am I correct, that if someone wants to spoof the sending address, they can enter anything they like ... they don't have to have access to that account, do they? They are just entering a legitimate address, mine.
    Yes that's quite right they can spoof any sender name

    I have my own domain which I've had for around 10 years and it happens from time to time. If you forward to yourself all the incoming messages which don't have a valid mailbox you can see it in action.

    For example, if my email mailbox is ""abc@example" you see return messages for "xyz@example.com"" "wroryt@example.com" and so on.

    Changing your password is a good precaution in case you've been hacked but wont stop someone spoofing your email.

    Unfortunately it's just something you have to put up with as even if you change domain it's likely to happen again.
    Last edited by Slorm; 2016-11-17 at 07:28.

  8. The Following User Says Thank You to Slorm For This Useful Post:

    Dennis Wright (2016-11-17)

  9. #7
    Lounger
    Join Date
    Jan 2011
    Posts
    35
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Thank you Slorm. Excellent explanation.

  10. #8
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    Paducah, Kentucky
    Posts
    430
    Thanks
    40
    Thanked 69 Times in 66 Posts
    Yes. I agree with Slorm (although lots of folks wish that there might be was something meaningful we could do about such behavior). Personally, I hate spammers and spoofing (and I think "fake news" and mindless forwarding of email is also contemptible).
    Clone or Image often! Backup, backup, backup, backup...
    - - - - -
    Home Built System: Windows 10 Home 64-bit, AMD Athlon II X3 435 CPU, 16GB DDR3 RAM, ASUSTeK M4A89GTD-PRO/USB3 (AM3) motherboard, 512GB SanDisk SSD, 3 TB WD HDD, 1024MB ATI AMD RADEON HD 6450 video, ASUS VE278 (1920x1080) display, ATAPI iHAS224 Optical Drive, integrated Realtek High Definition Audio

  11. #9
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,155
    Thanks
    31
    Thanked 307 Times in 267 Posts
    Quote Originally Posted by Dennis Wright View Post
    ...I use Mozilla Thunderbird as my email client...
    You might be able to get something useful by looking at the headers of the spoofed messages.

    In Thunderbird right-click on one of them then point at "Copy to Clipboard" then left-click "Headers"; then open Notepad and paste the clipboard content into Notepad.

    TbirdCopyHeader.jpg
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  12. #10
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,203
    Thanks
    49
    Thanked 989 Times in 919 Posts
    Generally IP addresses are black listed, not email addresses. The email address is just text inside the email and can be set to anything, whereas the IP address is tied to the ISP and machine.

    cheers, Paul

  13. #11
    New Lounger
    Join Date
    Feb 2014
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Dennis,
    I had an occasion like yours a while back. I also use my own domain name. For your domain registry you may want to use a different email address, since this registry is public information. Your domain host may provide (for a fee) an option to hide your registry information. I've not had any spoofing recurrence since hiding my registry info.

    I still don't know what the spoofer may have been trying to accomplish. Like you, I changed my password and contacted my email provider. You're right to closely guard access to your email accounts.

    We all should remember that domain registry data is public. Be careful what you put there.
    -kc

  14. #12
    Lounger
    Join Date
    Jan 2011
    Posts
    35
    Thanks
    8
    Thanked 0 Times in 0 Posts
    A couple of days ago, I had a legitimate email bounced by btinternet.com. They said in part:-

    "Too many messages from un-validated IP address xxx.xxx.xxx.xxx Please add a SPF record to your DNS or ask your Broadband Provider/Domain Registrar to do this."

    I could make no sense of this instruction, however when I went to Just Host help pages I found this:- https://my.justhost.com/hosting/help/spf

    Following these instructions I was able to add the required SPF record, and btinternet.com has accepted my emails again.

    I hope this helps others.

  15. #13
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,735
    Thanks
    95
    Thanked 130 Times in 127 Posts
    I went to that justhost URL, it is so far above my pay-grade, can somebody tell me in middle school English what and how that good advice is done by an end-user.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  16. #14
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,203
    Thanks
    49
    Thanked 989 Times in 919 Posts
    Roland, the SPF record is one method to validate that your mail is not from a spam bot.

    Example (made up values)
    My email domain is mymail.com.
    My mail server has the internet IP address or 215.145.31.168.
    I create an SPF entry in my public DNS record because I own / control my DNS record.

    When I send an email the receiver checks the public DNS and sees that the IP address sending the email is allowed to send email from my domain. All is now well.
    If another IP address attempts to send mail from my domain, the receiver will now bounce the message and there is now less spam in the world. All is now even better.

    cheers, Paul

  17. The Following 2 Users Say Thank You to Paul T For This Useful Post:

    brino (2016-11-24),Dennis Wright (2016-11-23)

  18. #15
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,735
    Thanks
    95
    Thanked 130 Times in 127 Posts
    I don't own my email domain -- can I SPF my email process? One thing, I turn off my DSL modem/router at night, that will affect the SPF, correct?
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •