Spoofing, RBL, Open Relay … And All That Jazz

A question was recently asked:
“It seems that someone has been sending out spam and when people reply, the replies are coming to me even though my email address doesn’t appear in the “To” field of the emails. Do you have any idea what is going on and what I can do about it?”

Here is the answer and some additional points of clarification:

1. It is quite common and easy for spammers to hijack your email address. It is usually right on your website, typically on your contact page.

2. Spoofing is simply pretending to be someone else when sending an email, or making it appear as if it came from somewhere or someone other than the actual source. Using this technique, your email address may be placed in the “to”, “cc”, or “bcc” fields. It is also common for the “from” field to look like someone (usually a fake name) within your organization. This is especially powerful (for the spam company) when large organizations get spam and the “from” looks like a valid person within their own organization whom the recipient simply does not know.

3. Open relay, which is an extremely serious condition, is when your email server is not properly protected and allows anyone from anywhere to send mail through it. Your email server is hijacked, and mail coming from your server may actually look like it is coming from your own domain name (which it is).

How to protect:

1. Invest in great anti-spam software. Ours catches 99.99% of all spam with no need for us to constantly modify our own filters. Great anti-spam software does the following:

a. Allows keywords to be defined that are scanned for in the subject and body of the email, and rejects messages accordingly.

b. Allows subscribing to a service company that specializes in modifying the anti-spam categories. For example, specifying the category of gambling, shopping or sex prevents my company from getting any such emails.

c. Provides RBL (Realtime Blackhole List) protection: mail from those companies known as spammers is automatically rejected by my server. Please note that subscribing to the service mentioned above automatically gives us this protection.

2. If your domain name is your own company name, contact your ISP or your technical person and make sure your email server is not an open relay server.

3. Remove your obvious email address from your web sites and replace it with a technique that hides the address, or with a contact form.

4. If you elect not to invest in anti-spam software, either this may not be a serious problem for you, or constantly modifying your own filters and pressing the delete key is something you may enjoy doing.

Safe surfing,

Chad
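
How the RBL protection in item 1c works at the protocol level, as an added example that is not part of the original post: the mail server reverses the octets of the connecting IP address, looks that name up in the blocklist's DNS zone, and treats an answer inside 127.0.0.0/8 as "listed". The zone name `dnsbl.example.org`, the function names and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import socket

# Placeholder zone (assumption): use the zone name your blocklist provider documents.
DNSBL_ZONE = "dnsbl.example.org"
LISTING_RANGE = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Build the DNS name to query: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A records for name, or [] when the name does not resolve.

    A lookup failure is reported as "no records" here; a production filter
    should tell a timeout apart from a genuine "not listed" answer.
    """
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def check_dnsbl(ip, zone=DNSBL_ZONE, resolve=system_resolver):
    """Return (listed, codes) for the connecting client's IP address."""
    answers = resolve(dnsbl_query_name(ip, zone))
    # Only 127.0.0.0/8 answers are listings. Anything else suggests a parked
    # or wildcarded zone and must not cause mail to be rejected.
    codes = [a for a in answers if ipaddress.ip_address(a) in LISTING_RANGE]
    return bool(codes), codes


# Constructed records for an offline demo (documentation address ranges).
FAKE_ZONE = {
    "99.2.0.192.dnsbl.example.org": ["127.0.0.2"],     # listed sender
    "7.2.0.192.dnsbl.example.org": ["203.0.113.10"],   # bogus wildcard answer
}


def fake_resolver(name):
    """Stand-in for DNS that answers only from FAKE_ZONE."""
    return FAKE_ZONE.get(name, [])


if __name__ == "__main__":
    for client_ip in ("192.0.2.99", "192.0.2.7", "192.0.2.1"):
        print(client_ip, check_dnsbl(client_ip, resolve=fake_resolver))
```

Drop the `resolve=fake_resolver` argument to query real DNS once `DNSBL_ZONE` points at an actual blocklist.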
