... Or if you prefer, Subscribe by e-mail 
... What is RSS?
Â
As some of you may already know I have been battling E-mail Address Hacking for a while now.  Some nefarious persons or companies have been sending Spam without having to use their own Domain or E-mail address. They have been using mine instead.
Actually, they haven’t been using any of my addresses per se, they have been making up user id’s eg. abc123@ mydomain as a return address.  The only reason I can tell what they are doing is when they (I) get an undeliverable E-mail it comes back to my main PO Box.
Â
Here are the steps I have taken to try to fix this problem:
~~ I have made my Domain Private. (Thanks Lara)
~~ I installed the Contact Form on all my blogs where there is a need for contact. (Thanks TZ)
~~ I took my Contact Information Off the Webpage. I did want to have it, but why take the chance?
~~ I sent E-mails to the site administrator for which there was a possibility to advise them of the scam occuring (so they knew it wasn’t me, to stop complaints).
~~ I sent scathing E-mails to the site administrator of whatever advertisers were included in the return mail body.
~~ I contacted a Professional Blogger who has his own domain to see if he may have any suggestions on how to fix the problem. He was kind enough to respond, but couldn’t give me any insight or suggestions.
~~ Lastly, (really firstly) I called my hosting service and talked to them.
I talked to the supervisor for this type of Spam problem and he told me “There is no way to stop them” and “Maybe they’ll just get tired and pick on somebody else”. They made note on my account that I was having this problem, so that they wouldn’t just close the account automatically since it was noted I called. They would notify me first. But if they recieved too many complaints it would be beyond their control and my account would have to go.
They were really very nice about it, explaining that they couldn’t jeopardize their business or all the other accounts they handled. Thanks, guys… (Did you detect the sarchasim?)
I don’t want to jinx things, but I have not recieved very many E-mail returns with bogus addresses since I took these steps, I am keeping my fingers crossed. Maybe some or all, or maybe none of the steps worked, but here’s hoping.
Â
Has anyone else run into this? Are there any other ways to stop it that I haven’t tried?
Â
Related Posts:
9 Comments
Whenever it happens to me, it seems like they send out a bunch, and then move along to another domain… so while it may happen again, it’s highly unlikely that it would be the same people. And I did everything you did…
The only other thing I could say, so that you don’t get the returned mail is to change your email account from a “catch all” to not a catch all. However, then, you’ll never know when it’s happening.
Hey Lara,
So far, I have seen hundreds, then a lull, more, then another lull. I have no idea if it’s the same people or not, but that is probably unlikely.
I thought about the change for the EM, but like you said, I wouldn’t know when it is happening. I would rather know, that way at least I know.
I just hope they get tired of it before there is any problems with my domain.
Thanks for the input,
Joe
Joe,
Re having your email on the site: you can use Javascript to print your email address to the page. That way the reader can click on the address to send you an email, but a scraper can’t get that address. That’s what I do on my contact page on my software site. If you want to see a sample you can email me.
Hey Rick,
I like the plugin I have for the contact form, it seems to be working well for now.
Would something like that work on my website, I need something there and there are no plugins for that type of setup.
I’ll send you an email with more specifics later.
Thanks,
Joe
Just a quick word of advice. NEVER reply to any of these people. In a lot of cases they’re fishing (phishing) for email addresses. They’ll find a domain name and then send emails to every generic combination they can find – webmaster, contact, mail, sales, accounts, etc – until they find one that actually exists. By emailing them back, you’re confirming that you exist and, as a result, are opening yourself up to a world of spam
Make sure your host doesn’t offer a ‘catch all’ email service. If they do, I could spam you with an email addressed to ‘slartibartfast85656433395676@yourdomain.com’ and it would still reach you.
Create seperate email addresses for the services you subscribe to. If you use, for example, Technorati, create an email address or an alias of ‘technorati@yourdomain.com’. If you get loads of spam as a result, you know where it’s come from.
Hey Mike,
Thanks, that is all sound advice. I haven’t responded to an email unless I know them in almost a year.
The problem isn’t so much what I’m getting myself, it is someone using my domain name to SEND Spam. I’m getting the Return to Sender type of thing.
I haven’t thought about creating an alias for subscriptions before, that sounds interesting. That’s one I’ll have to give serious consideration to.
Thanks,
Joe
You should also check into an SPF (Sender Permitted From) record for your domain name.
Check out OpenSPF.org for more information.
Hey seanrox,
I did ask BlueHost about something similar, they said there is no way they know of to stop someone from using @domain.com with bogus users.
I’ll check out the link you provided to see if it would work for me. I need something, it seems they are starting up again.
Thanks,
Joe
Hi Joe, if your host doesn’t understand SPF records or if they don’t use them, it’s time for a new host. SPF records are being used by all the major ISP’s now: Earthlink, Comcast, AOL, etc.
I have a friend who works at BlueHost, so depending on what you find out, let me know and I can put a call into him to see if there is something he can to for your specifically.
3 Trackbacks
[...] Working at Home on the Internet has tried (and maybe succeeded) at foiling the bad guys, but wouldn’t mind our tricks to add to his protection. [...]
[...] Okay, so Joe talked about it a few weeks ago, and now (a former employer of mine ) Jim Boykin is raving about it as well. Chances are such that if you have any kind of website, you’ve fallen victim to it, as have I. I call it “email hijacking” and it happens when someone sends out their spam email campaign using your domain name in the “Reply-to” section. [...]
[...] 7 Steps I’ve Tried to Stop E-Mail Address Hacking [...]