Email Spoofing

Unfortunately, a client of mine was recently the victim of "email spoofing." This is a situation where a spammer is pretending to be sending email as you. There’s really not much you can do to prevent it, and it can damage your reputation. (Or in my case, improve it.)

There’s a good, albeit dry, article on Spoofed/Forged Email here. It goes into good detail on how to determine where the spoof is coming from, and on some deterrence measures, although these are more for system admins than for laypeople. There is a nice section on legal action you can take against spoofers. [Good luck!]

G4Tech TV’s Web site has a nice, more user-friendly article on email spoofing as well. More of a description than anything else, but it’s helpful.

There’s also a low-quality video here (Windows Media only) that has "The Screen Savers" talking about Email Spoofing, how to do it, and how to prevent it. (I initially had problems with the way the link downloaded, so you may have problems, too. Try cutting and pasting the URL into your address bar; that’s ultimately what worked for me.)

You can watch the whole episode or just skip to 47:48. Judging by what passed for humor on this show, you might want to skip it. However, let it be known that I also find the guys from Car Talk annoying, so use your own judgement.

To be honest, it’s not all that helpful. The tips they give seemed like too much work w/o a lot of payoff. For the truly geeky (and I mean that in a good way) this might be helpful.

One more nice article explains how you can determine where the spoofed email may have originated. Again, the problem is there’s no real help for the person being spoofed; the advice is for determining whether you’ve received spoofed email.

All I can recommend is removing your email "catch-all" if you have one. A catch-all takes any email sent to your domain and directs it to a specific email address. This is helpful if people often misspell your name or if people guess that you have an email of service@yourdomain.com.

When someone spoofs you, it often results in hundreds of bounced emails sent back to your domain. Few of these will be directed to your specific email address, so disabling a catch-all may save you at least that headache.

Rich Brooks
[Yes, It's Really Me]

  • http://www.timflight.com Tim Flight

    I've been criticized for this many times, however I am a fan of catch-all email addresses in certain instances. It can be a fantastic way to control sp@m if you have your own domain name and you are the only person receiving email at that domain.

    By enabling a catch-all account I can create "throw-away" email addresses on the fly, much like how credit card companies can now issue you a temporary credit card number good for a few hours. Whenever I register on a website I can create an email address for use only on that site. So if I register for an account at amazon.com I would tell them my email address is amazon@mydomain.com. The catch-all system delivers that email directly to me with no setup.

    These "throw-away" addresses also make it easy to filter my incoming mail into the appropriate boxes in my email client. I can simply filter by who the email was sent "to" and have a rule that works 100% of the time.

    However the best use of the catch-all is the fact that I can discard any address as necessary. If a website decides to sell my email address to a sp@mmer I will instantly know which company sold me out by the address the email is sent to. Likewise if an address gets harvested I can discard the address as well.

    Furthermore I can then tell my Xserve (server) to refuse messages sent to the address the sp@mmers now have. I also refuse messages to common usernames such as sales@, webmaster@, info@, etc. About two years ago I would get about 200 sp@ms per day; due to these techniques I am now down to about 2 per month. That's not a typo.

    As Rich suggests, this can open the floodgates when someone spoofs your address and you start to get hit with returned emails. This has happened to me once but only resulted in about 30 bounce-back messages. Not everyone will have that level of flexibility with their server/host and few people have a domain name that is unique to one person. However if you can attain that setup it can be a great tool.
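The recipient policy discussed in the post and in the comment above (catch-all on or off, throw-away aliases, refused role addresses, discarded aliases), written out as an added example; it is not code from the post or its commenters. The domain, mailbox name, alias names and sample recipients are constructed for illustration.

```python
from collections import Counter

DOMAIN = "mydomain.example"                  # constructed single-user domain
OWNER = "me"                                 # the one real mailbox (assumed name)
ROLE_NAMES = {"sales", "webmaster", "info"}  # common usernames refused outright
KNOWN_ALIASES = {"amazon"}                   # aliases listed explicitly (allow list)
BURNED = {"shadyshop"}                       # throw-away aliases discarded after abuse


def rcpt_decision(rcpt, catch_all=True):
    """Return ('accept', tag) or ('reject', reason) for one recipient address."""
    local, _, domain = rcpt.lower().rpartition("@")
    if domain != DOMAIN or not local:
        return ("reject", "not-our-domain")
    if local in ROLE_NAMES:
        return ("reject", "role-address")
    if local in BURNED:
        return ("reject", "burned-alias")
    if local == OWNER:
        return ("accept", "inbox")
    if local in KNOWN_ALIASES or catch_all:
        # The alias doubles as a filing tag and as a record of who was given it.
        return ("accept", local)
    return ("reject", "no-such-user")


def summarize(recipients, catch_all):
    """Count accept/reject decisions over a batch of recipient addresses."""
    return Counter(rcpt_decision(r, catch_all)[0] for r in recipients)


# Constructed sample: normal mail plus bounces coming back to forged senders.
SAMPLE = [
    "me@mydomain.example",
    "amazon@mydomain.example",
    "shadyshop@mydomain.example",
    "info@mydomain.example",
    "xk3f9@mydomain.example",   # bounce to an address the spammer made up
    "qz77a@mydomain.example",   # another bounce to a made-up address
]

if __name__ == "__main__":
    for mode in (True, False):
        print("catch_all =", mode, dict(summarize(SAMPLE, mode)))
```

With the catch-all on, the two bounces to made-up addresses are delivered; with it off, only the owner mailbox and explicitly listed aliases receive mail, which is the trade-off between the two approaches.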

  • http://www.outbidder.co.uk Lee Harris

    Hi, I am quite interested in this article as I too have exclusive access to my domain and had the bright idea of these throwaway addresses, however, on speaking to my host now that I need to disable one of them, they are suggesting I should just set up POP3 accounts for all the ones I want to use rather than having the ability to set up a "disable" list for ones I don't want to use :-(

  • http://www.timflight.com Tim Flight

    Hi Lee,

    I can see where a host would not enjoy someone constantly updating their disable list (black list). For myself I do my own hosting so I only have myself to bother! :)

    -Tim
