[off topic] How to get out from a spoofer |
Post Reply |
Author | |
Alan
Groupie Joined: 06 May 2005 Location: United States Status: Offline Points: 43 |
Post Options
Thanks(0)
Posted: 18 October 2005 at 8:11pm |
Anyone have any technique or suggestions on how to save a domain name from a spoofer?
I've tried to have the spammer's websites shut down but NameCheap has no problem hosting the spammer's websites even when presented with mounds of evidence of spoofing someone elses domain as well as allowing obviously faked registration ID info so they have been no help at all. Oh for the good old days of regulated domain registration. No way to track the emails due to an obvious zombie network. Here's and example of one the spammer's websites <http://www.dates4funz.com/extra/angelsweet3> Spammer always uses the "angelsweet3" Anyone have any suggestions? If not, is there at least a way to block the rejection notices that have the orignal email attached with this text in it? |
|
Marco
Senior Member Joined: 07 June 2005 Location: Netherlands Status: Offline Points: 137 |
Post Options
Thanks(0)
|
fight fire with fire, do some spoofing of your own and have the spoofable domain blacklisted by as many listing sites as possible. just an idea, don't take me serious :) regards, Marco |
|
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams
|
|
Marcus
Newbie Joined: 25 July 2005 Location: United States Status: Offline Points: 21 |
Post Options
Thanks(0)
|
If they have a link to <http://www.dates4funz.com/extra/angelsweet3> (\bdates4funz\.com\b) will trash every one of them. Edited by Marcus |
|
Alan
Groupie Joined: 06 May 2005 Location: United States Status: Offline Points: 43 |
Post Options
Thanks(0)
|
No this is the spammer spoofing your own domain, sending spam using
your domain as the From: and Reply-To so you get all the bounces and
rejections flooding your servers.
keyword block is not able to block rejection notices that do not include the original email in the body.
|
|
Marcus
Newbie Joined: 25 July 2005 Location: United States Status: Offline Points: 21 |
Post Options
Thanks(0)
|
See my first post. You might want to utilize the "Authorized To Emails" and enter your legit users. This should stop the NDR back to fake users. Should cut down on of at least some of it. |
|
Alan
Groupie Joined: 06 May 2005 Location: United States Status: Offline Points: 43 |
Post Options
Thanks(0)
|
Roberto, can I submit a request for a LDAP feature? Seems liek
that woud be a great tool agains all sorts of dictionary spam attacks
as well as fallout from spoofers.
|
|
WebGuyz
Senior Member Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
|
Why not use LDAP tools and have it create the AuthorizedTo.txt file every 10 to 30 minutes. It runs faster by SF reading it into memory than having ldap queries run for each and every incoming email.
|
|
http://www.webguyz.net
|
|
LogSat
Admin Group Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
|
Alan,
We've thought about the LDAD / ActiveDirectory verificationin the past, but thought the same thing that WebGuyz mentioned. Furthermore, we have users who receive millions of emails/day. That, along with the risk of spammers/hackers who could practically perform DoS attacks on your LDAP servers with millions of bogus authentication requests, also told us it may not have been a good idea... |
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.145 seconds.