[Webinar] Streamline your web hosting managementRegister Today


Spam bounce from myself

Posted on 2006-06-29
Medium Priority
Last Modified: 2008-01-09
Here is the situation.

    I am blocking all emails from my own domain on my relay server, since no
email from my organization will originate from the outside.

    I think this is what is happening.  Spammers are sending emails to my
ISP smtp backup server like this:

from: me@mydomain.com
to: me@mydomain.com

    My relay server is rejecting them.  The ISP smtp server is receiving the
smtp rejection and creating a postmaster bounce to me, since my email was in
the from: field.  The bounced message has the original spam email attached.  This means the
spammer was successful in getting me the email.  I.E. one of my users could
open the attachment and allow whatever is in the email to happen. (tojan,
phishing, etc.)

    My question is:  how do I stop this from happening?

    Here is the bounce message.

-----Original Message-----
From: System Administrator [mailto:postmaster@mydomain.com]
Sent: June 26, 2006 9:00 PM
To: ME
Subject: Undeliverable: Roolex for you

Your message

  To:      ME
  Subject: Roolex for you
  Sent:    Mon, 26 Jun 2006 20:59:07 -0400

did not reach the following recipient(s):

ME on Mon, 26 Jun 2006 21:00:22 -0400
    The e-mail system was unable to deliver the message, but did not report
a specific reason.  Check the address and try again.  If it still fails,
contact your system administrator.
    < smtp.myisp.com #5.0.0 X-Postfix;
host smtp.mydomain.com[xxx.xxx.xxx.xxx] said:
550    5.7.1 Message rejected. (in reply to end of DATA command)>
Question by:dauyeung
LVL 97

Expert Comment

ID: 17010832
Greetings, dauyeung !

Instead of your relay server rejecting the spam emails, have it delete them.  Then there will be nothing to bounce.

Best wishes!

Author Comment

ID: 17011182
I'm not sure if this would work.

Wouldn't the relay server still send an NDR to the sender, which is one of my users?

LVL 34

Expert Comment

ID: 17011253
First, you can't stop spammers from sending E-Mails claiming to be from you.

Second, you can't stop mailservers the world over from accepting E-Mail claiming to be from your Domain but clearly originating from elsewhere.

Third, you can't stop those mailservers - which are accepting E-Mail with detectable bogosity - from generating an NDR back to the faked FROM address and thus annoying your users.

About the only way to shield your users would be to construct a mail filter that examined incoming NDRs for plausability, perhaps by checking the mail server logs for recently transmitted messages to the same Domain.
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

LVL 17

Accepted Solution

upul007 earned 1000 total points
ID: 17012067
I disagree with PsiCop. If you have set up email servers to check and reject emails based on the sending domains spf records, there is hope. Perhaps your back up servers are not set to do this. Some servers do not even accept emails from domains without reverse dns records. You should check further and seek a solution through your isp.

Author Comment

ID: 17012101
Good idea upul007.

Hadn't thought of ISP filtering.  As for SPF, I wonder how many servers actually use it.  I do have an spf record for our domains.

Anyone have other ideas?

LVL 17

Expert Comment

ID: 17015810
SPF is supported by Exchange 2003 SP 2 and Alt-N's MDeamon. Here in Sri Lanka certain ISP's actually use this facility to promote their services.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question