Results 1 to 6 of 6
  1. #1
    The Buzz's Avatar
    The Buzz is offline GPWA Gossip Hound
    Join Date
    February 2007
    Location
    Newton, MA
    Posts
    3,328
    Thanks
    200
    Thanked 1,321 Times in 801 Posts

    Default How spammers spoof your e-mail address

    Most of us know spam when we see it, but seeing a strange email from a friend—or worse, from ourselves—in our inbox is pretty disconcerting. If you've seen an email that looks like it's from a friend, it doesn't mean they've been hacked. Spammers spoof those addresses all the time, and it's not hard to do. Here's how they do it, and how you can protect yourself.


    http://lifehacker.com/how-spammers-s...ote-1579478914

  2. The Following 2 Users Say Thank You to The Buzz For This Useful Post:

    BettingGods (22 May 2014), edgarf76 (21 May 2014)

  3. #2
    edgarf76's Avatar
    edgarf76 is offline Private Member
    Join Date
    March 2013
    Location
    Montreal
    Posts
    1,847
    Thanks
    646
    Thanked 501 Times in 355 Posts

    Default

    That was a good share!


    Sent from my iPad using Tapatalk

  4. #3
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Sinking Faster, just when I thought it couldn't get worse it did!
    Posts
    25,173
    Thanks
    1,520
    Thanked 7,081 Times in 4,506 Posts

    Default

    It is too bad that spf isn't more widely blocked.

    It would greatly reduce the drug spam that comes from a few hundred domains from thousands of different ip addresses every day.

    How many Canadian drug sites do you really think change countries every day?

    It would also reduce the effectiveness of spam from the bot networks, since the sending domains would not be authorized senders, so the spam sent from the zombie computers would have to carry the hacked persons email addy, and if he got a few hundred or thousand bounces as well as a few hundred or thousand complaints the next day, he would have a quicker indication that his system was hacked and more zombies would be cleaned up more often.

    Rick
    Universal4

  5. The Following User Says Thank You to universal4 For This Useful Post:

    Renee (22 May 2014)

  6. #4
    DanHorvat's Avatar
    DanHorvat is offline Private Member
    Join Date
    November 2008
    Location
    Actual location may vary.
    Posts
    1,786
    Blog Entries
    1
    Thanks
    1,195
    Thanked 1,227 Times in 719 Posts

    Default

    There are two issues here, spam and spoofing. The author of the article is mixing the two, but the problem here is spoofing - when someone is sending an email from his server but it looks as if you sent it from your address. And you end up receiving spam from yourself.

    I didn't yet hear of a way to protect yourself from that.

    The problem here is that you need to be a techie, and a good one, to implement DMARC. You need to tinker with your email service in detail, dreading the false positives like a good nerd does. From my experience, when you start tinkering on such a low level, things get very wrong. People who have a career in tinkering with these things are doing that because they're constantly debugging. There's no way out.

    So this isn't an answer, it's proof of concept.

    I won't be implementing DMARC on my server because, frankly, I hate unstable things. I like to keep it clean and simple, I like solutions, not 'solutions' which cause ten additional problems. I'll stick with SPF and DKIM.

    If everyone used DKIM (DomainKeys Identified Mail) to check whether the sender is who he says he is, then I guess everyone would also have to use SPF (Sender Policy Framework) to identify themselves, and spoofing would be eradicated. But DKIM and DomainKeys records are also a bit tricky to set up properly, despite being easy to enable in cPanel. But what they don't tell you is that the private DomainKeys key isn't published, and it's the most important part of DKIM. No wonder most nerds are so edgy.

    If you're using cPanel, go to Email Authentication and Enable SPF and DKIM. That's it. You've done a lot to combat spam and the world is thankful. Leave it alone after that.

  7. The Following User Says Thank You to DanHorvat For This Useful Post:

    edgarf76 (22 May 2014)

  8. #5
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Sinking Faster, just when I thought it couldn't get worse it did!
    Posts
    25,173
    Thanks
    1,520
    Thanked 7,081 Times in 4,506 Posts

    Default

    I agree, JoeJobbing is a very different animal than regular spam.

    Spoofing an ip is not the same as joejobbing.

    The problem with DKIM is that mail server software has only been supporting this in recent years, so it is an expensive solution since it often means replacing mail server software.

    DMARC is also a more expensive proposition, since even if your server software supports spf and dkim, it may not support DMARC.

    Also, this is a much more difficult solution to impliment on the ISP or Host level, since hosting clients all have different ideas on what they consider spam.

    I agree Dan, I do not think DMARC has matured enough yet but it may be much better in the future.

    Rick
    Universal4

  9. #6
    BetVega's Avatar
    BetVega is offline Private Member
    Join Date
    March 2006
    Posts
    17
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Thanks for sharing!

    This issue pops up more than it should.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •