[CLUE-Tech] OT: Someone "borrowed" my domain name

Adam Bultman adamb at glaven.org
Mon Oct 7 20:52:00 MDT 2002


Tee hee! This happened to me last week.  I don't necessarily think it's
someone deciding to use your domain however.  I think bugbear (the one
that used my domain) just grabbed a few things. The from address was like
this:

NUA Internet Surveys <surveys at iconideas.com>

Obviously, the message was sent to many people, and one of the dudes was
running something called VirusGard [sic] and I got a phone call.  He was
understanding, knew it most likely didn't come from me, but just wanted me
to be on the lookout, anyhow. I'm not aware of the legality of doing
something like this, but it's perfectly do-able.  The problem is when
people don't know how to look, assume, and then get in a tiff.  (I'm not
saying you, I was in a tiff at first, too, until I realized I could do
nothing about it).  The only thing you CAN do is possibly post a message
on your site explaining what happened (that's about verbatim from what I
got from the dude that alerted me).


There's really nothing you can do. You can complain, but I've found that
foreign ISPs don't give a flying rodent's rectum about anything out of
their country.  I've got a LOT of that crap going on right now, and
there's nothing I can do but handle the connections as I do.  (Portsentry
helps, though).

But I digress.  Just keep your eyes peeled, see what happens.


On Mon, 7 Oct 2002, Matt Gushee wrote:

> Aargh!
>
> It seems someone pretending to be
>
>   "Phil Klein <phil-klein at havenrock.com>"
>
> has been sending an e-mail virus to various and sundry people on the
> Net. I know this because, as the owner of havenrock.com, I get all mail
> for unknown recipients in the domain. So I've got a pile of bounces and
> a few complaints. As far as I can tell, the only connection to me is the
> From: header with my domain name--according to the headers in the
> bounced messages, all of them originated from a single IP address in the
> Netherlands and didn't pass through either my own machine or my ISP's
> mail server (do bounces include all headers from the original message?).
>
> So I don't think I have a security issue. But obviously I don't like
> someone using my domain name this way (well, at least they didn't
> pretend to be <mgushee at havenrock.com>!). Is there a law against that? If
> so, is there a way to get it enforced?
>
>

-- 
Adam Bultman
adam at glaven.org
[ http://www.glaven.org ]
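
Added example, not part of the original thread: one way to do the header check described in the quoted message, pulling the returned headers out of a bounce and reading the Received chain to see where the mail was first handed off and whether it touched your own relays. The bounce, host names, IP addresses (documentation ranges), the OWN_RELAYS set and the Postfix-style Received format are all constructed assumptions; bounces in multipart/report form return either the full original message or only its headers, and both cases are handled.

```python
import email
import re

# Hosts that legitimately relay mail for your domain (assumed names).
OWN_RELAYS = {"mail.mydomain.example", "smtp.myisp.example"}

# Constructed, trimmed bounce: a multipart/report whose last part returns the original headers.
BOUNCE = "\n".join([
    "From: MAILER-DAEMON@mx.recipient.example",
    "To: phil-klein@mydomain.example",
    "Subject: Undelivered Mail Returned to Sender",
    "MIME-Version: 1.0",
    'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"',
    "", "--b1", "Content-Type: text/plain", "", "User unknown.",
    "--b1", "Content-Type: text/rfc822-headers", "",
    "Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])",
    "\tby mbox.recipient.example; Mon, 7 Oct 2002 10:00:05 -0600",
    "Received: from mydomain.example (unknown [203.0.113.45])",
    "\tby mx.recipient.example; Mon, 7 Oct 2002 10:00:01 -0600",
    "From: Phil Klein <phil-klein@mydomain.example>",
    "Subject: hello",
    "", "--b1--", "",
])

# "from <HELO name> (<reverse DNS> [<IP>]) by <receiving host>"
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)\s+by\s+([^\s;]+)")

def original_headers(bounce_text):
    """Return the headers of the message that bounced, or None if not included."""
    for part in email.message_from_string(bounce_text).walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_payload())
    return None

def trace(bounce_text, own_relays=OWN_RELAYS):
    """Return (first recorded sender IP, whether any hop was one of own_relays)."""
    orig = original_headers(bounce_text)
    found = [HOP.search(h) for h in (orig.get_all("Received", []) if orig else [])]
    hops = [m.groups() for m in found if m]  # newest hop first
    if not hops:
        return None, False
    touched = any(rdns in own_relays or by in own_relays for _, rdns, _, by in hops)
    # Oldest header: the IP in brackets was logged by the receiving server,
    # while the HELO name before it is whatever the sender claimed.
    return hops[-1][2], touched

if __name__ == "__main__":
    print(trace(BOUNCE))
```

Received lines below the first hop written by a server you have reason to trust can themselves be forged, so treat anything older than that hop as unverified.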




