Real spam problem - someone sending on behalf of our email addresss

Posted on 2009-05-22
Medium Priority
Last Modified: 2013-12-09
Hi all,

I have a catch all account and 2 email addresses setup.

Info & reception

Yesterday and today I have suddenly received 1000+ return emails from mail delivery system, saying it was unable to deliver to this recipient. It looks like a spammer is sending on behalf of our email address to 1000s of email addresses.

How can I go about preventing this?

Your message did not reach some or all of the intended recipients.

      Subject:      Can't find you in building
      Sent:      21/05/2009 19:25

The following recipient(s) cannot be reached:

      |donald.otoole@petrymedia.com on 21/05/2009 19:30
            The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.

Many thanks
Question by:unrealone1
1 Comment
LVL 71

Accepted Solution

Chris Dent earned 1500 total points
ID: 24450342

Before anything else one thing must be noted:

There is no way to utterly stop this kind of abuse. SMTP is inherently insecure, all we can do is add bits to make a spammers life harder.

You have two issues here.

The first is abuse of your Domain Name. To combat this SenderID / SPF was developed. This allows you to state which servers are permitted to send as your domain name by adding a specific record to your public DNS Servers.

There are wizards to help build these kind of records here:


Both should give you roughly the same thing, so use whichever you prefer the look of.

Note that SPF is not used everywhere so while it will help, it will still be limited.

The second issue you're having is called Backscatter. This happens when somebody spoofs one of your addresses and you receive a Non-Delivery Report as a result of the spoofed message.

This one is harder to stop, it can be done in Exchange 2007 by tagging all outbound mail, and dropping NDRs when the tag is not included. I am not aware of a way using Exchange 2003. Spam Assassin may be able to do it, but you would have to refer to the product documentation.

Because SPF reduces the spammers ability to spoof your domain name it can also reduce backscatter.


Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question