Spam on the rise again


I’ve started receiving bounces for undelivered mail that I haven’t sent. It seems it’s my turn to have my mail domain spoofed for e-mail harvesting spam again. The spam mails appear to all be in HTML format and claim to be in response to signing up to a newsletter.

If you don’t know, ‘spoofing’ is forging the address to look like it comes from someone else that you’re more likely to trust, in this case my domain, ‘delphia.co.uk’. The mail was never sent by me, or from a user on my mailserver, as I don’t actually have a ‘delphia.co.uk’ mailserver. All my mail passes through an authenticated server on my host, 1&1, and legitimate mail from me starts it’s first hop at ‘mrelayeu.kundenserver.de’ (which you’ll see in the headers).

There is nothing much that can be done about spoofing, as anyone can currently fake the sender address in an e-mail. Until something like the Sender Policy Framework or an equivalent is used by the majority of the ‘net there is no way to know if a mail is from a legitimate source.

Related: Spam Trends.

Advertisements

,

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: