My website is www.gentlemenoffortune.com
Somebody is sending out spam using my @gentlemenoffortune.com address.
Is there ANYTHING I can do to prevent this?
Help
Greg
Full Version: Spammers Got Ahold Of My Domain Name For Spam
Nope,
As long as they have not gained access to your site, there is nothing you can do to stop them. I can put anything I want in my return address and it will look like it comes from there. The headers give the real story though so as long as the headers do not match your site then you are safe even though it "looks" like it is coming from you.
As long as they have not gained access to your site, there is nothing you can do to stop them. I can put anything I want in my return address and it will look like it comes from there. The headers give the real story though so as long as the headers do not match your site then you are safe even though it "looks" like it is coming from you.
spammners 
Hmmmm.... I don't know... Here is an example of a "returned" email....
Does the header tell the story in my favor?
Hi. This is the qmail-send program at sincity.telecable.es.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<lsqka@igijon.com>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <llxxdo@gentlemenoffortune.com>
Received: (qmail 26855 invoked from network); 14 Oct 2006 04:57:21 -0000
Received: from unknown (HELO ujzsmm) ([58.49.110.42])
(envelope-sender <llxxdo@gentlemenoffortune.com>)
by sincity.telecable.es (qmail-ldap-1.03) with SMTP
for <lsqka@igijon.com>; 14 Oct 2006 04:57:21 -0000
Received: from 58.49.24.30 ([58.49.24.30]) by ujzsmm with Microsoft SMTPSVC(6.0.3790.211); Wed, 27 Sep 2006 13:06:34 +0800
Message-ID: <451A0490.8070508@gentlemenoffortune.com>
Date: Wed, 27 Sep 2006 12:56:48 +0800
From: Rosaline Brandon <llxxdo@gentlemenoffortune.com>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: lsqka@igijon.com
Subject: adjudicator lace
Content-Type: multipart/related;
boundary="------------080100060108000600010908"
This is a multi-part message in MIME format.
--------------080100060108000600010908
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<img alt="" src="cid:part1.00040506.08010709@gentlemenoffortune.com"
height="441" width="523"><br>
S
Does the header tell the story in my favor?
Hi. This is the qmail-send program at sincity.telecable.es.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<lsqka@igijon.com>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <llxxdo@gentlemenoffortune.com>
Received: (qmail 26855 invoked from network); 14 Oct 2006 04:57:21 -0000
Received: from unknown (HELO ujzsmm) ([58.49.110.42])
(envelope-sender <llxxdo@gentlemenoffortune.com>)
by sincity.telecable.es (qmail-ldap-1.03) with SMTP
for <lsqka@igijon.com>; 14 Oct 2006 04:57:21 -0000
Received: from 58.49.24.30 ([58.49.24.30]) by ujzsmm with Microsoft SMTPSVC(6.0.3790.211); Wed, 27 Sep 2006 13:06:34 +0800
Message-ID: <451A0490.8070508@gentlemenoffortune.com>
Date: Wed, 27 Sep 2006 12:56:48 +0800
From: Rosaline Brandon <llxxdo@gentlemenoffortune.com>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: lsqka@igijon.com
Subject: adjudicator lace
Content-Type: multipart/related;
boundary="------------080100060108000600010908"
This is a multi-part message in MIME format.
--------------080100060108000600010908
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<img alt="" src="cid:part1.00040506.08010709@gentlemenoffortune.com"
height="441" width="523"><br>
S
Look at the header part
the ip 58.49.24.30
resolves to
inetnum: 58.48.0.0 - 58.55.255.255
netname: CHINANET-HB
descr: CHINANET Hubei province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
You can use NIC.COM to look at a ip address
QUOTE
Received: from 58.49.24.30 ([58.49.24.30]) by ujzsmm with Microsoft SMTPSVC(6.0.3790.211); Wed, 27 Sep 2006 13:06:34 +0800
the ip 58.49.24.30
resolves to
inetnum: 58.48.0.0 - 58.55.255.255
netname: CHINANET-HB
descr: CHINANET Hubei province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
You can use NIC.COM to look at a ip address
IF your still worried, please contact the help desk who can advise you more and double check all your settings for you.
I would also suggest changing all passwords too
JimE
I would also suggest changing all passwords too
JimE
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.