Email Spoofing

Did you know a person or a virus does not need to have access to your email account in order to spoof an email address?

What is Spoofing: 

E-mail spoofing is e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails. 
 
More on email spoofing:
 
http://www.cert.org/tech_tips/email_spoofing.html
 
Unfortunately, there is nothing that can be done about spammers or viruses spoofing your domain name to send email. To stop receiving the messages that are not addressed to anyone in particular at your domain name we recommend disabling the catchall option and perhaps use aliases instead.

If you are continuing to receive hundreds of undeliverable messages, we can block them if you submit a separate request to support@hostdepot.com. Please note that legitimate undeliverable messages would also be blocked with this method.
 
Sometimes, you may see messages that you did not send but appear to be coming from your domain name or your email address... This may be the result of a virus eg. Sober, MyDoom, or Lanieca. It is possible that your computer could be affected as well as it may be someone else in your organization, or a client of yours who has your email address. 
 
For more information on the Sober virus please see http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.p@mm.html for detailed reports...
 
For information on the MyDoom virus please see http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.bt@mm.html.
 
We recommend running a virus scan on your computer after downloading the most recent virus definitions. You may also want to recommend that your colleagues and clients scan their computers for viruses at Norton Symantec's Security Site http://securitycheck.symantec.com  (using Internet Explorer). Or update their anti-virus programs to the latest virus definitions and then run a full scan on their system.
 
Tracing the original source of the messages:
 
If your undeliverable message included the headers for the original message, then you may be able to determine the domain/IP of the server used to send the message. With that you can attempt to contact the postmaster for that domain and ask them to help stop the spam messages causing the undeliverable messages or report it to the government here: http://www.ftc.gov/spam/.
 
Resources that may assist with this are as follows:
 
Tracing Spam - http://www.amigo.net/cms/index.php?id=74
IP lookups - www.dnsstuff.com 
 

Article ID: 109, Created On: 9/19/2011, Modified: 12/3/2013

Feedback (0)