Spammers Still Using My Domain

Sometimes I hate the way the Internet is so de-centralized and de-regulated…I understand those are the very reasons why it has grown to be such a great tool today, but sometimes the very things that make it so wonderful are the things that make it SUCK. For the past four months or so, a spammer (or series of spammers) has been using as the reply-to domain for their email spam. The problem is that I have an all-domain email forward active, meaning that if someone sends an email to (or anything else I’ll get it in my Inbox. Normally this is a good thing, because it allows me to make up email aliases on the fly – meaning when I register for something at a Web site I can create a unique email address linked to that site (, Napster, etc.) Then, if I ever get spam to that unique email address that only that one site had access to, I’ll know they sold my email address and can simply set up a server-side block on that exact address. This is the way I’ve done my email for years, and it works really nicely.

Unfortunately, the one weakness is the scenario I find myself in: some piece of crap spammer is sending out umpteen thousands of email messages, and using random email addresses as the reply-to addresses. Every day I get 50 to 100 email messages that are bounces from email addresses that the spammer sent email to that no longer work, error messages from email accounts that are full, bounces from spam gateways telling me their blocking “my” spam, and even now and then an angry email from a real person who wants me to “remove them from my list”. This has happened before in the past, but the spammer s have always moved on to using other domains, so it lasts for a few days then stops. This time, it seems that the spammer in question isn’t changing his tactics – I’ve been getting hit with this stuff for months…and there’s not a damn thing I can do about it other than keep pressing that delete key – all because the Internet is so de-centralized and de-regulated.

4 thoughts on “Spammers Still Using My Domain”

  1. Welcome to the world of the Joe job. I hear your pain. I was doing the same thing as you and then I finally wised up and made a minor change in my technique that has made a huge difference. It took a couple of months chipping away at past sign ups that I cared about to get the addresses changed over, but I haven’t looked back since. I switched from using “amazon at” to “amazon-three-character-string-that-I-use-for-all-of-them at”. That way I can throw everything out that has a header containing but not having “three-character-string-that-I-use-for-all-of-them at” or the few other valid email addresses defined. I still let through emails that don’t contain at all, since some mailing lists come in that way. That change combined with gmail’s spam filter (Google Apps for Your Domain) kept 313 spam messages and Joe job server responses out of my inbox on Dec 20 alone. A couple of times, before I made this change, I had Joe job traffic spike to hundreds of messages an hour, and this takes care of that too.

  2. Wow, I didn’t realize this type of thing had a NAME!

    Interesting approach Michael – I’ll give that some thought. It would take a lot of time to edit my registration info at all the sites out there…I’m horrified just thinking about it actually. ๐Ÿ˜‰ But your system definitely has merit. I wonder though, can I implement the same type of filtering with only cPanel? I’m not a Linux-root-hacker guy any more, I’ve no skillz. ๐Ÿ˜‰ I also try to avoid spam filters on my personal domain because I want to be 100% sure that I’m seeing all email that is meant for me.

  3. I was using Cpanel filters until hosted gmail started supporting a catch-all address. I don’t think I have my filters intact still, but I did have it going. For the change, basically I updated my short list of registrations that I use regularly first, and then others on an as needed basis or when I got a monthly newsletter, etc. I had a separate email account configured as the catch-all. Initially I just had the emails that didn’t pass my tests drop into that catch-all account and checked it periodically until I was comfortable with how it was working, then I simple set my catch-all account quota to 0.1 Megabytes.

Comments are closed.