Spam emails

Posted on 2012-09-21
Last Modified: 2012-09-24
We have had a sudden onset of email coming to our postmaster box (unknown mailbox) as undeliverable. for the most part have a format like:

I suspect a spammer is using our domain name, but what can we do about it. Mail is hosted at

don't really want to get blacklisted
Question by:warsawtech
    LVL 17

    Accepted Solution

    First go here:

    and click on the blacklist button at the top menu.

    Put your domain in and check.  After it's first check it only does the 35 most common lists, there is a link that says check all 90 something lists.  Click that and make sure you aren't on any lists.  Then, call networksolutions and inform them so they can inform you better how to proceed.
    LVL 33

    Assisted Solution

    by:Dave Howe
    You will most likely find that none of those mails were sent from your own mail servers (check the headers on some of the undeliverables, they will probably trace back to someplace in russia or china)

    If so, you can do little or nothing to stop them being sent, but you can do a little to get them bounced more often (at which case, often the spammers will move onto a domain with a higher success rate)

    First thing is to add a SPF record to your domain. the easiest is to do is "mx -all" which means (in english) "our domain sends from addresses listed in the MX records for inbound mail; other sources should be rejected". If there are any other IPs that will send as your domain, then you will need to take that into account when defining your SPF record (this is a DNS change)

    If your mailserver supports it (and note that MS don't!), also move to DKIM support. This adds a bit more load (because mails need to be digitally signed) but many of the big recipients (such as google) will inspect for DKIM And bounce non-matching mails. There are also open source MTAs (eg EXIM) that could be used to add DKIM to a non-DKIM mailserver as an outbound relay, but that's a fair amount of work.

    all you can really do though, as outlined above, is to make it more likely that the spam will be rejected rather than generating NDRs.  If you can make it sufficiently likely that mail gets bounced though, the spammers WILL move on to another domain, as they don't really care whose good name they abuse, as long as they get paid, so will take low-hanging fruit where they can.
    LVL 33

    Expert Comment

    by:Dave Howe
    oh, and if it *was* your mail server sending this out, then you have a different issue..... also, as you have hosted mail, ask your provider about their DKIM and SPF support, they may be able to turn this on for you....
    LVL 2

    Author Closing Comment

    Checked the MX records and no black listing yet!!

    Went to network Solutions and added SPF to the text in both domains I had this showing up in and now I just have to wait and see.
    Going to investigate the DKIM further in the meantime.

    Thanks guys

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Microsoft Outlook provides an easy way to recover permanently deleted items. When you empty the Deleted Items or simply deleted an Outlook data items using shift+Del key then it can be recovered using Registry Key settings.  Caution- Wrong Registry…
    Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
    This video discusses moving either the default database or any database to a new volume.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now