For the last couple weeks, my domain has been getting flooded with MAILER-DAEMON bouncebacks. Apparently someone is spamming, and using addresses on my domain as the “From” address. I’m getting everything from “failure notice” to “user over quota” and even “out of office notice.” The addresses used are nonsense addresses on my domain. I use my domain as a catchall, you see. This allows me to set up addresses like mark.foo@example.com
, so that if foo.com
sells me out to spammers, I can just blacklist that address.
I’m using a whitelisting system (BoxTrapper) to add new addresses. So, when signing up at foo.com
, I’d whitelist the mark.foo@example.com
address, and mail to that address would get through. Anything else is probably spam, and has to make it through one of those annoying “prove you’re a human” things. Real humans should never see it unless they’re guessing my e-mail address. Any of the addresses I give to real human beings will be pre-whitelisted.
Still, it appears that BoxTrapper ignores the whitelist/blacklist settings for mail from “MAILER-DAEMON” or “Mail Delivery System,” so all of this crap from spam that other people sent is going into my inbox.
I turned SpamAssassin on and set it to delete the e-mails it catches instead of just marking the subject, and that’s stopped a lot. And I’ve been dutifully marking the messages as spam in Gmail, which is learning pretty well. But still, about a dozen a day are making it to my inbox. Every time my phone vibrates with a new e-mail my girlfriend shoots me the “you’re going to ignore me and pay attention to that stupid thing” look of death (which I can’t say I don’t deserve). So now I’m getting that look more frequently, because of this bounced spam.
I don’t think this is a Joe Job. It’s probably just that I have a 4-letter TLD and it was chosen randomly. So, e-mail spam backscatter. Does anyone have any suggestions for me?
Michael Hampton says
Clean your guns and keep them ready. It’s almost spammer season.
dr Dave says
Yea, I have been getting those in strides too. One major run every other week or so. Each time, my mailbox is suddenly stuffed with a few thousands bouncebacks (I shudder to think of how many spams have been sent in the first place). To the point it’s become a nuisance to download, regardless of how many effectively make it through Apple Mail spam filter.
I’m not sure how they pick their domain, I suppose it might also have to do with whatever PR the domain has… Figuring more well known domain will go through more easily. But I also sense this has affected negatively my own sending ability, as far as I increasingly get caught in my friends’ spam filter (on Yahoo, particularly)… Unfortunately, there still seems to be spam filter stupid enough out there to trust the “From:” field when making their blacklists.
I am getting increasingly convinced that email just isn’t fit for 21st century usage any more. It’s now completely unreliable in both directions. It’s really high time for a more secure standard to emerge.
Mark says
My PR did just go up to a 7… maybe that played a role. Just had someone else e-mail me and say that they recently saw an upswing too. All three of us have WordPress usage and development in common, however, so I’m still on the fence about whether it is random or targeted.
Benjamin Geiger says
Must be usage, since I haven’t done any real WordPress development and I got the same treatment. My PR is 5… not sure what that says about the PR based targeting idea.
The good news is it slows to a trickle after a week or two.
Michael says
Try SPF. That should solve your problem.
Euan Dalton says
Iam getting E_MAILS every day from mailer daemon I delete them always .Iseldom send e-mails as Iam not very conversant with this form of correspondence So why do I have to put with it. How can I stop it?
Euan Dalton says
I do not know what you mean, I just want advice on how to stop this
Michael says
Search the Internet for “SPF” and you will find that the term stands for Sender Policy Framework. If your domain host will implement it on the email server, you will find that no one can use your domain name to send email as if it came from you. Check it out at http://www.openspf.org.
If your host won’t use it, then find another host. That is the first step in taking control of email. When we all do that, we can’t be used as a source of spam.
Also, keep using BoxTrapper as well. There’s nothing wrong with forcing the spammers to confirm their email manually. Your friends and contacts only have to do it once, and not even once if you initiated the correspondence.