[off topic] How to get out from a spoofer
Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5359
Printed Date: 26 December 2024 at 7:10pm
Topic: [off topic] How to get out from a spoofer
Posted By: Alan
Subject: [off topic] How to get out from a spoofer
Date Posted: 18 October 2005 at 8:11pm
|
Anyone have any technique or suggestions on how to save a domain name from a spoofer? I've tried to have the spammer's websites shut down but NameCheap has no problem hosting the spammer's websites even when presented with mounds of evidence of spoofing someone elses domain as well as allowing obviously faked registration ID info so they have been no help at all. Oh for the good old days of regulated domain registration. No way to track the emails due to an obvious zombie network. Here's and example of one the spammer's websites <http://www.dates4funz.com/extra/angelsweet3> Spammer always uses the "angelsweet3" Anyone have any suggestions? If not, is there at least a way to block the rejection notices that have the orignal email attached with this text in it? |
Replies:
Posted By: Marco
Date Posted: 19 October 2005 at 8:08am
|
fight fire with fire, do some spoofing of your own and have the spoofable domain blacklisted by as many listing sites as possible. just an idea, don't take me serious :) regards, Marco ------------- Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams |
Posted By: Marcus
Date Posted: 19 October 2005 at 1:46pm
|
If they have a link to <http://www.dates4funz.com/extra/angelsweet3> (\bdates4funz\.com\b) will trash every one of them. |
Posted By: Alan
Date Posted: 19 October 2005 at 8:13pm
|
No this is the spammer spoofing your own domain, sending spam using
your domain as the From: and Reply-To so you get all the bounces and
rejections flooding your servers. keyword block is not able to block rejection notices that do not include the original email in the body.
|
Marcus wrote:Posted By: Marcus
Date Posted: 19 October 2005 at 8:45pm
|
See my first post. You might want to utilize the "Authorized To Emails" and enter your legit users. This should stop the NDR back to fake users. Should cut down on of at least some of it. |
Posted By: Alan
Date Posted: 21 October 2005 at 3:14pm
|
Roberto, can I submit a request for a LDAP feature? Seems liek
that woud be a great tool agains all sorts of dictionary spam attacks
as well as fallout from spoofers. |
Posted By: WebGuyz
Date Posted: 26 October 2005 at 1:28am
|
Why not use LDAP tools and have it create the AuthorizedTo.txt file every 10 to 30 minutes. It runs faster by SF reading it into memory than having ldap queries run for each and every incoming email. ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 26 October 2005 at 3:55pm
|
Alan, We've thought about the LDAD / ActiveDirectory verificationin the past, but thought the same thing that WebGuyz mentioned. Furthermore, we have users who receive millions of emails/day. That, along with the risk of spammers/hackers who could practically perform DoS attacks on your LDAP servers with millions of bogus authentication requests, also told us it may not have been a good idea... ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |