cancel
Showing results for 
Search instead for 
Did you mean: 

Stopping spam from my domain name hosted by Plusnet!

forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Stopping spam from my domain name hosted by Plusnet!

I publish books and Plusnet host my web site:
Holywellhousepublishing.co.uk
I set up a new mailbox yesterday with CATCH ALL set on.
Within minutes I received 250 returned e-mails which had been sent from mailboxes at my domain name.
NON of these mailboxes were created by me - they were all "random combinations of characters"@holywellhousepublishing.co.uk
It has been going on for months and must have damaged the reputation of my small publishing house.
Non of these spam messages have been sent from my own mailboxes or to anybody in my address book.
I have an Apple MacBook and use Apples MAIL software for e-mail.
And have now switched off the catch all settings - but that will NOT stop the spammers sernding out mail from my domain name.

HOW CAN I ESTABLISH THE CAUSE OF THIS PROBLEM?
AND HOW CAN I STOP THIS ABUSE OF MY DOMAIN NAME?
Bill Forster
18 REPLIES
Community Veteran
Posts: 3,789
Registered: ‎08-06-2007

Re: Stopping spam from my domain name hosted by Plusnet!

The email messages you receive when spammers use your domain is referred to as Backscatter, and it's practically impossible to stop.
One thing you could do is add SPF records for your domain, which might mitigate the amount of bounces, (although this relies on a correctly configured mail server and spam filter, and if these mail servers are backscattering to you, then it's likely it's misconfigured anyway)
On the plus side, this will have absolutely zero effect on your domains reputation.
forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Re: Stopping spam from my domain name hosted by Plusnet!

Barry,
I appreciate your response but if I got spam from Holywell House Publishing I would be pretty p*****d off with them!
I am hoping that it is within Plusnet's capabilities to stop this abuse of my domain name.
But not being a techie I have to await their response & just keep my fingers crossed.
I am assuming this is a fairly common problem which Plusnet will have encountered before ...?
And am hoping that by switching off CATCH ALL in  my mail setting I shall no longer receive "back scatter" since I was not receiving it until I set up the new mail box.
Bill
Community Veteran
Posts: 26,744
Thanks: 954
Fixes: 10
Registered: ‎10-04-2007

Re: Stopping spam from my domain name hosted by Plusnet!

It is absolutely 100% impossible for Plusnet to stop it as it will be originating from outside the Plusnet network and being sent to outside the Plusnet network. Only when it is bounced will it be returned to the spoofed senders address.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Re: Stopping spam from my domain name hosted by Plusnet!

So how does it happen? Am I at fault?
Or could it happen to any domain name owner? eg Microsoft?
Bill
Community Veteran
Posts: 38,460
Thanks: 1,031
Fixes: 62
Registered: ‎15-06-2007

Re: Stopping spam from my domain name hosted by Plusnet!

I will give you one clue.
Your email address on the site is in plain text and all the spam bot crawlers can and will pick it up
Community Veteran
Posts: 3,789
Registered: ‎08-06-2007

Re: Stopping spam from my domain name hosted by Plusnet!

It's a bit like someone sending a letter and putting your name and address as the "return address" on the back of the envelope - how can you stop that from happening in the "real world" ?
Community Veteran
Posts: 26,744
Thanks: 954
Fixes: 10
Registered: ‎10-04-2007

Re: Stopping spam from my domain name hosted by Plusnet!

I've sent you a demo email and a PM.
You need to make it harder for spammers to copy your email address from your website.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Re: Stopping spam from my domain name hosted by Plusnet!

Sure, I have been careless in putting my e-mail address on the web site BUT I have received very little Spam as a result.
I started by using FORMS but got relaxed since Spam was minimal (thank you Plusnet) but domain names are on every page of every web site on the Internet!
And its the domain name they have copied - not the mailbox name.
Bill
Community Veteran
Posts: 26,744
Thanks: 954
Fixes: 10
Registered: ‎10-04-2007

Re: Stopping spam from my domain name hosted by Plusnet!

Practically all spam has a spoofed senders name. With luck whoever is responsible for the current batch using your domain will move on soon.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Re: Stopping spam from my domain name hosted by Plusnet!

According to Plusnet they could only send mail from hundreds of different randomly generated mailboxes, non of them mine, if they had access o the password for my account.
Plusnet advise me to change my password.
That's easily done BUT is it really the explanation?
Quite apart from the fact that I have not disclosed my password - except when logging on - Jelv has (half) convinced me that one does NOT need to know my password to send spam from a fake sender name @ my domain name.
Bill
Community Veteran
Posts: 38,460
Thanks: 1,031
Fixes: 62
Registered: ‎15-06-2007

Re: Stopping spam from my domain name hosted by Plusnet!

Rubbish
That assumes that the emails are actually coming from your account and not from another source using a spoofed sender address
forsterbalcke
Grafter
Posts: 85
Registered: ‎22-08-2007

Re: Stopping spam from my domain name hosted by Plusnet!

I am getting out of my depth here but this is the explanation and advice I received from Plusnet:-
----------- snip
Dear Mr Forster,
Thanks for getting back to us.
I am sorry that your issue is continuing. I agree that turning catch all off would help the situation.
However, the only way anyone is able to send email using your domain would be to have your password and username. Therefore, the easiest way to resolve this would be to change your password on your account. This would stop people being able to send email using your domain.
Please do not hesitate to get back in touch online at https://portal.plus.net/wizard/?p=search if we can be of any further assistance.
Kind regards,
-------------- end
Is this incorrect?
Bill
Community Veteran
Posts: 38,460
Thanks: 1,031
Fixes: 62
Registered: ‎15-06-2007

Re: Stopping spam from my domain name hosted by Plusnet!

It isn't wrong but isn't what is happening.
The emails aren't being sent from your domain but from somewhere else spoofing your domain
I used to get loads of them supposedly from my Plusnet address but they weren't and they eventually stopped
MJN
Aspiring Pro
Posts: 1,103
Thanks: 54
Fixes: 2
Registered: ‎26-08-2010

Re: Stopping spam from my domain name hosted by Plusnet!

Quote from: forsterbalcke
However, the only way anyone is able to send email using your domain would be to have your password and username. Therefore, the easiest way to resolve this would be to change your password on your account.

This is wrong.
As advised above it is trivially easy for a spammer to spoof mail to make it appear to come from your domain, and indeed is the modus operandi for the majority of spam/malware outfits because they have got nothing to gain (but plenty to lose) if they were to use their own domains.
There are various anti-forgery mechanisms, such as SPF as mentioned by Barry, DKIM, etc that have been developed to try and mitigate this issue but they all come with drawbacks that has resulted in their take up being relatively low. As a self-confessed non-techy you might not to wish to climb the learning curve necessary to safely implement them anyway. Furthermore, mail servers that cause backscatter (as a result of not rejecting mail during the SMTP dialogue) are most unlikely to do their bit and employ these techniques and so you would likely not see any real benefit from going down that route anyway.
There is nothing you or Plusnet can really do about it. Even removing e-mail addresses from your site won't stop the domain being picked up from other sources (search engines, whois, site trackers, domain registrars etc). Removing your catchall makes sense however not only to reduce incoming spam but also to reduce your visibility of backscatter so you are not constantly reminded of how big a problem it is.
For what it's worth, it is nothing personal - it is unlikely you have been hand-picked by a human to be spoofed but rather been picked up by their crawlers along with every other domain out there.
Mathew