Help- Spammer using my e-mail address

Hey everyone, over the past two days, I've received over 300 bounces or 'delivery failure' notices to my .Mac account for spam mail that appears as if it was sent through my account. I understand that he is most likely does not have access to my account, and is simply making it appear that it is coming from my e-mail address, but I can not deal with all these bounces and spam! Is there any way to stop this?
 
Yeah, create a new E-Mail address. It's a drag, but there's nothing really you can do about it. On your side, you can teach the spamfilter not to show you those bounces, but it's not really something you can tell servers, because from _their_ point of view, they're doing the right thing. "You" are sending mails that can't be delivered, so they're bounced back to "you".

I also guess this is *TOTALLY* the wrong forum (Mac OS X System & Software? Really? Is it?), but I'm not sure this would be the right thread for the Café either... Oh well...
 
I was trying to figure out where it would go, but there wasn't really an appropriate forum. I figured it might fit in here because I am using Mail and .Mac, haha. Yeah, this is a drag. Hmm...
 
It happens to me all the time, I've got lots of email addresses. I've had people forge email addresses the day after I've registered a new domain.

Nothing can be done short of killing that email account. If I want to keep the address I don't filter out the bounces because I want to know when and if it's happening so I can check to see if that addy ends up on a spam list.

I just killed one this morning and replaced it with a new one.
 
But doesn't this get to be a huge pain-- alerting contacts of the new address. It's a hassle for both you and anyone who has an interest in getting in touch with you. Also, isn't it possible to determine if a message address is forged or not by examining the header "received" information? Can't a spam filter (preferably one that would work with Mail) be trained to mark or delete messaged with a forged address? Seems to me like if this was commonplace, spammers would need to use their own addresses, eliminating the problem.
 
thisbechuck said:
But doesn't this get to be a huge pain-- alerting contacts of the new address. It's a hassle for both you and anyone who has an interest in getting in touch with you.
Not in this case. The website uses a contact form, not the email address so it's not an address anyone really needs to know, I just changed the contact form. It was an "info@" address which is very commonly used and the spammers always try them first. The people I respond to have no idea which email account the contact form sent to in the first place anyway.

Also, isn't it possible to determine if a message address is forged or not by examining the header "received" information? Can't a spam filter (preferably one that would work with Mail) be trained to mark or delete messaged with a forged address? Seems to me like if this was commonplace, spammers would need to use their own addresses, eliminating the problem.
Spam filters will only help the people who get the forged emails, they'll do nothing for the legitimate owner of the email address. The spammers pick up an address, use it for a few days then go on to another because they know people will set up spam filters for the email.

It's super commonplace and just about impossible to do anything about. If the abuse is bad enough you can get a legitimate email address picked up by SpamCop and placed on a black list for no fault of your own. That's why I keep an eye out for them. It's happened to me countless times, the worst had me receiving bounces about once a second, I just killed that account and wrote it off. These spammers crank out millions of emails a day.

I receive about 200 spam emails each day because I maintain catch all accounts for my domains. All these catch all accounts are forwarded to one specific email account I use for nearly nothing else. So I can just do a quick scan, select all and delete. It's not a good idea to bounce them because you then identify the account as an active one, best just to delete them. I also get spam into the regular accounts.

Nearly all (if not all) of these spam emails are using forged email addresses. I can tell just by looking at them that the true owners are not spammers.
 
I understand (or at least hope) that this spammer's use of my e-mail will pass. My spam filter comment was a thought I had for keeping junk mail out of my own account that was triggered by this realization that spammers use forged addresses. Does anyone know how to program Mail's filter to identify forged messages?
 
thisbechuck said:
I understand (or at least hope) that this spammer's use of my e-mail will pass. My spam filter comment was a thought I had for keeping junk mail out of my own account that was triggered by this realization that spammers use forged addresses. Does anyone know how to program Mail's filter to identify forged messages?
It will pass, they don't/can't use them for long.

There's no real way to check for a forged email. Here's an example I just picked up (there's always at least a few available :( ).

Received: from flh1aah100.kmm.mesh.ad.jp ([210.147.184.100] helo=ruralhome.org)

Dear Home O w wn v er,

Your c y re f di q t doesn't matter to us !

If you O w WN v real e f st z at n e and want
I c MM y EDIA z TE c e as g h to s u pe v nd ANY way you like,
or simply wish to L q OW e ER your monthly p m aym e ent h s
by a third or more,
here are the d s eal p s we have T i ODA p Y:

$ 4 f 90 , 000 as l f ow as 3 , 6 k 5%
$ 3 o 70 , 000 as l u ow as 3 , 9 m 0%
$ 49 x 0 , 000 as l v ow as 3 , 2 d 0%
$ 2 o 50 , 000 as lo m w as 3 , 3 r 5%
$ 20 k 0 , 000 as lo e w as 3 , 5 q 5%

V t is x it o m ur s x it c e http://geocities.com/GiosVarhangelle

Iason Riley , A n ppr b ova r l Manager

Now it's pretty clear that this email was not really sent out by these guys:

http://www.ruralhome.org

And who on earth actually responds to that garbage anyway?
 
I've been getting a lot more Mail Unable to be Delivered notices; but they are just a spammer trying to use every variation of your known isp/host. Use a good spam filter and train it to ignore those variations to your email address.
 
thisbechuck said:
Hey everyone, over the past two days, I've received over 300 bounces or 'delivery failure' notices to my .Mac account for spam mail that appears as if it was sent through my account. I understand that he is most likely does not have access to my account, and is simply making it appear that it is coming from my e-mail address, but I can not deal with all these bounces and spam! Is there any way to stop this?
Three things you can do:

1. Go to http://www.apple.com/support/dotmac/account/. Fill in the form at the bottom of the page, requesting that your account be closed. Support will contact you for details. Reply to this and your account will be closed. You will only be charged up to the date you held your account. Then set up a new account using a new prefix. N.B. Only do this if your email account is totally and utterly screwed by spam. Apple won't take too kindly to anyone repeatedly cancelling and re-opening up accounts.

2. Set up a webmail account with Google, Hotmail, Yahoo, Fastmail etc. Use this address for merchandising or for communicating with people you don't know (or for putting on a business card).

3. If you have your email address on a web page, go to this site and disguise your address from spambots.
 
simbalala said:
It will pass, they don't/can't use them for long.
The bottomfeeders grabbed my domain about a month ago and generate a new random username for each mailing. Saying "This too shall pass" is not very comforting at this point.
simbalala said:
And who on earth actually responds to that garbage anyway?
A friend of mine watches only PBS on TV. Here's an actual quote: "No one watches those other stations. Do they?" My answer to him was, and to you is: "It is economically impossible for those (other stations) / (spammers) to continue to exist and operate if no one (watches) / (replies)."

I suppose you can argue that PBS doesn't depend on normal economics.
 
Back
Top