[CLUE-Tech] email address hijacked by spammers

Mike Staver staver at fimble.com
Tue Mar 30 22:36:56 MST 2004 

Dan - sorry to hear you got jacked by some punk ass spammer, I feel for 
you.  I think you're on the right track about having one email address 
and only handing out aliases for it. I have several for my email 
account, but for things like domain registration and this list, I give 
out my real one... maybe that's dumb, I dunno.  But when signing up for 
mails from my bank, credit card, ebay, etc, I use aliases.  If you can 
make them specific, that's all the better.  For example, I would use 
bankcard at fimble.com for my checking account... ebay at fimble.com for 
ebay... etc.  So, if one gets jacked, it's less hassle to blow away one 
alias than all of them.  The only issue you're still going to face is 
wasted bandwidth and server resources for invalid email addresses at 
your domain.  So, if you *really* want to get crafty, set up a second 
domain.  If things get crazy like they did today, all you have to do is 
point the domain mx record at oh, let's say a cname of www.microsoft.com 
:)  So, it's there bandwidth getting wasted, not yours.  Or, if you 
don't have a grudge against anyone, simply point the name at a 
nonexistent IP address. 

Dan Harris wrote:

> Well, the unthinkable has finally happened to me.  I've had this email 
> address for nearly 7 years now and I've been able to cope with all the 
> spam I get using spamassassin and thunderbird filters, but this is 
> different.  It appears that last night some spammer(s) began using my 
> address as the 'From' on their spams.
> So today, I am getting bombarded with 'recipient not found' and 'this 
> message was rejected because it is spam' messages.  I don't know who 
> I'm more pissed off at, the spammer(s) who hijacked my email or the 
> idiots who reply to every spam message saying "this is spam".. You'd 
> think that if they were smart enough to set up a spam filter that they 
> would realize that spammers FORGE the From address and not bother 
> replying to it.. *sigh*.  The ones that did send me a rejection 
> sometimes included the headers of the sent message which let me see 
> what hosts were originating the messages.  However, by the time I get 
> the rejections and start trying to investigate those hosts, they have 
> already pulled the plug and switched IP addresses.
> This is driving me NUTS.  I can deal with spam, but this crap is over 
> my limit of tolerance.
>
> Anyway, before I kill this address, which has a mind boggling number 
> of important ties to it including domain registrations and list 
> servers, I wanted to solicit some opions about what other people may 
> have done in this situation..
>
> I'm considering doing to the following:
>
> A) wait and see if they give up using my address ( I assume this is 
> not likely to happen )
>
> B) create a new single address and use multiple receive aliases.  This 
> way I can change the aliases easier than changing my account.  Only 
> problem here seems to be that most lists won't let you send from a 
> different address than your "to" address, which I would be doing in 
> this case.
>
> or
>
> C) create multiple accounts.  One for each list I'm on, one for domain 
> registrations, one for personal email, etc.  This is by far the most 
> burdensome for me since I could see myself having 5 or 6 different 
> accounts to set up and maintain.  But, at least I could tell which one 
> was compromised and only have to change a more limited number of 
> subscriptions, etc.
>
> Please help!  Thanks for any advice.
>
> -Dan
>
>
> _______________________________________________
> CLUE-Tech mailing list
> Post messages to: CLUE-Tech at clue.denver.co.us
> Unsubscribe or manage your options: 
> http://clue.denver.co.us/mailman/listinfo/clue-tech

More information about the clue-tech mailing list