Hi, I'm not sure if this is the right forum for this question. If not, please direct me to where I might post this. I'm having a problem with email. My email address is being spoofed by a spammer who is using it to send out hundreds of emails to what seem to be random accounts and addresses. I don't recognize any of them. They are undeliverable, so I get hundreds of "System Administrator" emails alerting me of the delivery failure. Is there any way to stop this short of deleting my account? Obviously, I'd rather not do that, but if I must, I will. Should I alert the webhosts here so they know it's not me sending these emails? Is there any way for discountasp itself to intervene? For instance, is there any way that I could set up my account so that I could only get emails, not send them? Thanks for any information and, as I said, if this is the wrong place for these questions please let me know where I should post it. steve
Hi Steve, You might want to try implementing an SPF record: http://support.discountasp.net/KB/a300/does-discountaspnet-support-publishing-spf-sender-policy.aspx http://en.wikipedia.org/wiki/Sender_Policy_Framework
email issues Hi, Thanks very much for your reply. I've looked at the SPF policy wizard and I think I understand how it works, aside from the Reverse DNS Lookup. There's a checkbox there to indicate that all PTR records should resolve to outbound email servers. I don't think that should be checked, but I'm not sure. Can you shed any light on this? Thanks for any information Steve
You don't need to check that box. You might also want to review this Knowledge Base article: http://support.discountasp.net/KB/a267/outbound-email-ip-addresses.aspx The IPs should be included in the Outbound Mail Server Addresses list.
SPF records Hi, Well, I've set up an SPF record: v=spf1 ip4:216.32.60.10 -all but nothing seems to be happening. I still get hundreds of System Administrator messages alerting me that email from my email address directed to other people have failed to be delivered. All of them look something like this: Received: from sm06.internetmailserver.net (sm06.dotnetplayground.com [192.168.120.26]) by smg02.internetmailserver.net with SMTP; Tue, 1 Jan 2013 09:30:01 -0800 Received: from datatoolsinc.com (UnknownHost [14.134.243.177]) by sm06.internetmailserver.net with SMTP; Tue, 1 Jan 2013 09:26:43 -0800 Received: from relay2.sm.hc.ru (relay2.sm.hc.ru [14.134.243.177]) by datatoolsinc.com with ESMTP id unsihaqy-qiyomo-vbsuyykso; Wed, 02 Jan 2013 01:56:57 +0900 Received: from [10.3.16.100] (port=58269 helo=cf7.hc.ru) by relay2.sm.hc.ru with esmtp (Exim 4.80 (FreeBSD)) (envelope-from < [email protected]>) id dolpesgfh-ru-jwiizukeg for [email protected]; Wed, 02 Jan 2013 01:56:57 +0900 Received: from gigasetc by cf7.hc.ru with local (Exim 4.80) (envelope-from < [email protected]>) id fuhy-ostamak-ide for [email protected]; Wed, 02 Jan 2013 01:56:57 +0900 To: [email protected] Etc., etc. etc. Wouldn't the SPF record have stopped this by now? Wouldn't it have prevented "from datatoolsinc.com (UnknownHost [14.134.243.177]) " by now? I guess I just don't understand what the SPF record accomplishes. Any information you could give would be very welcome. Steve
suspended account Hi, Could someone from support please respond. My email account has been SUSPENDED! Is there nothing that can be done? I've tried the SPF record - nothing's happened. There are still hundreds of emails being sent out, which I am not doing. I've been using DiscountAsp as my webhost for almost 10 years. You would think someone would get in touch with me before suspending my account! What do I do?
You might want to scan your computer or the computer that has access to [email protected] for viruses. I'm afraid I can't tell you much more about the SPF record as I'm not an expert.
If the email account was compromised then it wont matter if you have a SPF record. This is because the compromised email address is most likely using the correct SMTP service the SPF record is set up to use. It also depends if the receiving email server checks for the SPF records on the domain name. If the SPF records don't match then the person receiving the email message wont get it. You might still get a bounce back email message from the other email server saying something about the spam settings. The SPF record doesn't prevent spoofing. It only makes its a little harder for the for the target person to get the email message. Most likely the cause of your email service getting suspended was due to a compromised email account. If this is the case then even having a SPF record wont matter. This is because the email user is authenticated against our SMTP service on the mail server and is using the correct outgoing server.
