PDA

View Full Version : Email spam



DeSade
12-05-2016, 11:27 AM
I am getting a lot of Delivery Failed on emails I never sent and other PostMaster type emails.
Only started happening in the last few weeks.

I have chatted with my email provider twice now and had the SPF record adjusted and Spam Assassin increased and tweaked but these emails are still coming in and increasing.

There is nothing on my machine of a malicious nature (first thing I checked) so my email is obviously spoofed. I thought the SPF record was meant to prevent spoofing....

Anyway any idea what I can do to stop these?

1101
12-05-2016, 11:58 AM
Anyway any idea what I can do to stop these?

Use a professional spam blocking service, such as spamblocker
http://www.spamblocker.co.nz/index-1.html

see also
https://en.wikipedia.org/wiki/Greylisting

You cannot get 100% of spam filtered/blocked (without blocking legit email) , so you need to be realistic about this .
Its just life on the internet

get a 'junk' 2nd email a/c : eg a gmail a/c .
Use that email a/c to give to websites , services etc that really have no need for your email address

DeSade
12-05-2016, 12:04 PM
Use a professional spam blocking service, such as spamblocker
http://www.spamblocker.co.nz/index-1.html

see also
https://en.wikipedia.org/wiki/Greylisting

You cannot get 100% of spam filtered/blocked (without blocking legit email) , so you need to be realistic about this .
Its just life on the internet

get a 'junk' 2nd email a/c : eg a gmail a/c .
Use that email a/c to give to websites , services etc that really have no need for your email address

The problem is this is a catchall email
so doesn't matter what you put at the front it will get to me which means I cannot just use a different email because these are emails I have used before so were never "out in the world".

Bobh
12-05-2016, 12:08 PM
I have the same problem. As fast as I delete them more keep arriving. I would liken it to swatting sand flies while on the Milford track.

I have tried creating 'Rules' using the subject. Crafty buggers keep changing the subject and the language even and all messages have dodgy looking attachments. I thought about blocking the country of origin. I have the Junk Mail Option set at high but they still come through to my inbox.

1101
12-05-2016, 12:10 PM
I might be wrong, but adjusting your spf wont have any effect on incoming spam ?

DeSade
12-05-2016, 12:11 PM
I might be wrong, but adjusting your spf wont have any effect on incoming spam ?

No it doesn't
But it is supposed to stop the spoofing of your email address, in theory.

1101
12-05-2016, 12:16 PM
The problem is this is a catchall email
so doesn't matter what you put at the front it will get to me which means I cannot just use a different email because these are emails I have used before so were never "out in the world".

?
Do you really need catchall email ? No wonder you get so much spam.
First step would be to use only use certain email adress, others (ie spam guesses) could then be rejected . Perhaps you can set that up in you spamfilter program or via you email hosting service .

But if you want professional level spamfiltering, use a professional service . Its really that simple.

1101
12-05-2016, 12:18 PM
No it doesn't
But it is supposed to stop the spoofing of your email address, in theory.

only if your email hosting service or local spam filter supports it or uses it .
From what I was told (by the professionals) its no longer of that much use, the spammers can get around it .

DeSade
12-05-2016, 12:34 PM
only if your email hosting service or local spam filter supports it or uses it .
From what I was told (by the professionals) its no longer of that much use, the spammers can get around it .

Probably what is happening in this case. The service does use it but it does not seem all that effective.

1101
12-05-2016, 12:45 PM
Probably what is happening in this case. The service does use it but it does not seem all that effective.

heres why :annoyed:

http://baremetal.com/support/email_spf.html
"......It is not very effective at blocking spam, as the spammers are better at working with SPF than most ISPs seem to be. They often buy their own domains and setup legit SPF records. However, it is quite effective at stopping spammers from forging mail with addresses inside of your domain. This is known as a joe job"

Perhaps in your case, spf simply isnt being enforced , or not enforced correctly .
How often do you hear of email being rejected due to no(or bad) spf record , it really doesnt seem to be enforced (in general) .

See if your spamfilter has a greylisting option .

DeSade
12-05-2016, 01:03 PM
heres why :annoyed:

http://baremetal.com/support/email_spf.html
"......It is not very effective at blocking spam, as the spammers are better at working with SPF than most ISPs seem to be. They often buy their own domains and setup legit SPF records. However, it is quite effective at stopping spammers from forging mail with addresses inside of your domain. This is known as a joe job"

Perhaps in your case, spf simply isnt being enforced , or not enforced correctly .
How often do you hear of email being rejected due to no(or bad) spf record , it really doesnt seem to be enforced (in general) .

See if your spamfilter has a greylisting option .

I would have to look into the controls, I don't really handle this sort of thing myself
Just contact support at the service.
I mean the SPF record they put in place LOOKS ok.

fred_fish
12-05-2016, 01:45 PM
I use spf for our email domains and yes, a lot of places don't block even if your spf record says to.
I've got a few users currently getting joe jobbed even though we have an SPF hard fail rule if it ain't from our servers.
It does, however, drastically reduce incoming spam volumes for very little overhead.

Billy T
12-05-2016, 09:09 PM
I screen every incoming email on Mailwasher, and those for which I am uncertain or that I don't like the look of, I check in 'Email/preview message' or 'View complete header'' which usually gives the geographic location as well, so you can see their premises via google maps.

No email enters my computer system until it has passed MailWashers' scrutiny, and on a typical day I can check 20 or 30 spam & nuisance emails, delete them, then download the legit emails from my ISP, which is about five a day!

I don't know how anybody can survive on the web without it!

Cheers

Billy 8-{)

dugimodo
13-05-2016, 12:52 AM
I screen every incoming email on Mailwasher...
I don't know how anybody can survive on the web without it!

I don't know how you end up with 20 spam messages in a day. I couldn't remember the last time I saw one so I went and had a look at my main Gmail via webmail like I always do.
0 Spam mails received today
5 messages hiding in the Junk folder since april - I never look in there
19 messages in the spam folder since april - never look there either
nothing older, I think they auto delete from those folders

And bear in mind I have 2 older xtra E-mail addresses forwarding to my Gmail as well so that's from 3 accounts. What are you doing that attracts that much spam? posting your E-mail on public forums? I just can't imagine how it gets that bad. Or maybe it's Just that Yahoo and Gmails spam filters stop most of it without me ever seeing it, I have noticed using webmail you don't get as much of it as with a local client E-mail program - no idea why that is. Actually on a whim I went and logged into yahoo mail - never do that either - the spam folder has 671 messages in it. So there you go, I survive by my E-mail provider filtering it all out for me.

I have used mailwasher in the past, but I just didn't like adding the extra step to reading my E-mail and as you can see I don't get much spam. I suspect when you use the webmail clients the spam filtering is more aggressive because it's all still there in the folder where you can check it if you want to to see if anything is being labelled spam in error but that's just a guess.

linw
13-05-2016, 10:41 AM
I don't know why anyone uses mailwasher!

Gmail does all the work for me. My email addr is 'out there' but I only get about 6 in the spam folder per week. Very rare to get a false positive and just as rare to get spam through to my Inbox.

1101
13-05-2016, 11:33 AM
I don't know why anyone uses mailwasher!

Gmail does all the work for me.

because many dont use gmail.
If its a business related email, many want to have complete control over what the spam filter does . Image loosing a potential important
client after some spam filter just removed/blocked/hid it.

The spam filter requirements for someones business email a/c are different from a personal gmail a/c

wainuitech
13-05-2016, 01:16 PM
The advantage of mailwasher is you can see all the mail and decide if its legit or spam, or simply "just not right" and only allow through what you want. Wouldn't trust any thing like gmail.

Most businesses who have their own domain names usually don't use gmail.

DeSade
13-05-2016, 01:28 PM
I have had no issues with my provider for years now and very little spam
Not sure what has changed recently but I am getting 20-30 emails a day filled mostly with failed deliveries from email addresses I have never used (but from my domain) and most of them trigger my AV.

1101
13-05-2016, 01:44 PM
Not sure what has changed recently but I am getting 20-30 emails a day filled mostly with failed deliveries from email addresses I have never used (but from my domain) and most of them trigger my AV.

Your domain name (email) is now on spammers/hackers email list . From here on it just gets worse :annoyed:
They probably try several guessed email adresses for your domain email , hoping to get some that are valid email addresses

You may also be getting bouncebacks if they are also spoofing your domain email addresses when sending spam out to others
It could also be a local (yours or mail hosts) compromised PC/server causing this (less likely)

DeSade
13-05-2016, 02:15 PM
Your domain name (email) is now on spammers/hackers email list . From here on it just gets worse :annoyed:
They probably try several guessed email adresses for your domain email , hoping to get some that are valid email addresses

You may also be getting bouncebacks if they are also spoofing your domain email addresses when sending spam out to others
It could also be a local (yours or mail hosts) compromised PC/server causing this (less likely)

Yes it is the bouncebacks I am seeing
I thought the SPF was going to stop that.

Oh and ALL emails on my domain are valid.