Email spoofer

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • daveshore
    Sergeant First Class

    • Jul 2005
    • 53

    Email spoofer

    I know this is not related to blue voda or vodahost, but I am desperately trying to find someone who can tell me how to identify and stop an email spoofer. Someone out there, for whatever reason, has hijacked my email address and has been sending out a bulk email using it as the "return address". As a result over the last 36 hours I have received over 3,000 (yes, three thousand) mail delivery failure messages!! I have tried to reader the mail headers, but I think this person is very cleverly covering their tracks.

    Please if anyone of you can help I would be eternally grateful.

    Regards,
    Dave Shore
    www.bettingfromhome.com
  • VodaHost
    General & Forum Administrator

    • Mar 2005
    • 12356

    #2
    Re: Email spoofer

    I hate to say this but there is nothing you can do, spoofing email is very easy…
    you can set up your outlook show the reply address as ????@vodahost.com it
    will take you two seconds.

    Youu can send out all the email you want and fake our address...(We would cancel your account)

    VodaHost

    Your Website People!
    1-302-283-3777 North America / International
    02036089024 / United Kingdom
    291916438 / Australia

    ------------------------

    Top 3 Best Sellers

    Web Hosting - Unlimited disk space & bandwidth.

    Reseller Hosting - Start your own web hosting business.

    Search Engine & Directory Submission - 300 directories + (Google,Yahoo,Bing)


    Comment

    • VodaHost
      General & Forum Administrator

      • Mar 2005
      • 12356

      #3
      Re: Email spoofer

      moving to email section.

      VodaHost

      Your Website People!
      1-302-283-3777 North America / International
      02036089024 / United Kingdom
      291916438 / Australia

      ------------------------

      Top 3 Best Sellers

      Web Hosting - Unlimited disk space & bandwidth.

      Reseller Hosting - Start your own web hosting business.

      Search Engine & Directory Submission - 300 directories + (Google,Yahoo,Bing)


      Comment

      • daveshore
        Sergeant First Class

        • Jul 2005
        • 53

        #4
        Thanks for the reply - wasn't sure which section to post in originally. I had a feeling that was the case. Now coming in at the rate of 1-2 per minute. Will be up all night (for the 2nd night) keeping my inbox on my ISP down so I don't end up with a full box!! Tomorrow it will be acquire a new email address from my ISP and then try to remember to tell everyone that I need to.............

        OK, so if you get spoofed as I just did this weekend, it seems that you can "ride the storm" providing you are vigilent and prepared to empty your ISP Inbox every 2 to 3 hours as I have just done over the last 48 hours (yes, even through the night!). I conservatively estimate that I had to delete over 5000 (five thousand) "mail delivery failure" type messages in that time. At its peak there were 4 or 5 emails coming in every minute!! However after 48 hours I am now down to just a trickle of 2 or 3 an hour. Clearly the only objective of the spoofer was to fill, and therefore ultimately disable my email address for whatever perverse reason they might have had!!

        Anyway, so far, I appear to have survived with my email address and account still intact. However I now need a good nights sleep!!!

        Regards,
        Dave
        www.bettingfromhome.com

        Comment

        • davidundalicia
          General

          • Mar 2006
          • 6294

          #5
          Re: Email spoofer

          dave, why not try Navals new advanced bluevoda forms processor.
          this has security checks that may be of help to you.........
          Have fun
          Regards..... David

          Step by Step Visual Tutorials for the complete beginner
          Newbies / Beginners Forum
          FREE Membership Login Scripts: - Meta Tags Analyzer
          My Social Networking Site - Free Contact Forms
          Finished your New website!! Now get it noticed Here:

          Comment

          • Mook25
            Brigadier General

            • Oct 2005
            • 1427

            #6
            Re: Email spoofer

            You could set a rule on your inbox which will move the emails which have 'delivery failure' in their title to your bulk folder. That way all you have to do is press 'ctrl a' within you bulk folder and then hit delete. HTH
            Arcade Ninja - Free Flash Arcade
            FreeGadget4me.Com - Learn how to get free gadgets delivered direct to your door for free

            Comment

            • daveshore
              Sergeant First Class

              • Jul 2005
              • 53

              #7
              Re: Email spoofer

              Hi folks,

              Thanks for the suggestions. However either way your solutions still require you to download your emails from your ISP in order to take the action of trashing them. This is where the spoofer tries to "kill" you because they overload your ISP inbox before you can get to clear the "junk" out.

              I tried setting a rule to discard all the incoming addresses related to the spoof email, until I realised all that was doing was moving them from my inbox to the trash box, so I was still filling my allocated ISP email space!!

              Spoofers are a big problem and I pray and hope that none of you ever get spoofed, it is not a pleasant experience but at least, for now, I can say I beat the spoofer............

              Take care my friends,
              Dave

              Comment

              • VodaHost
                General & Forum Administrator

                • Mar 2005
                • 12356

                #8
                Re: Email spoofer

                wht is the return address he is sending them to?

                VodaHost

                Your Website People!
                1-302-283-3777 North America / International
                02036089024 / United Kingdom
                291916438 / Australia

                ------------------------

                Top 3 Best Sellers

                Web Hosting - Unlimited disk space & bandwidth.

                Reseller Hosting - Start your own web hosting business.

                Search Engine & Directory Submission - 300 directories + (Google,Yahoo,Bing)


                Comment

                • VodaHost
                  General & Forum Administrator

                  • Mar 2005
                  • 12356

                  #9
                  Re: Email spoofer

                  What is he spamming.????..Any contact details in the spam?
                  We cant even block the IP, because it is not coming form his
                  one single IP, it is being redirected from the IP of the reciever.
                  This would meanblocking thousands of IP addresses.

                  VodaHost

                  Your Website People!
                  1-302-283-3777 North America / International
                  02036089024 / United Kingdom
                  291916438 / Australia

                  ------------------------

                  Top 3 Best Sellers

                  Web Hosting - Unlimited disk space & bandwidth.

                  Reseller Hosting - Start your own web hosting business.

                  Search Engine & Directory Submission - 300 directories + (Google,Yahoo,Bing)


                  Comment

                  • daveshore
                    Sergeant First Class

                    • Jul 2005
                    • 53

                    #10
                    Re: Email spoofer

                    Seems this spammer (or spoofer) certainly knows their stuff when it comes to hiding their tracks. I have spent ages researching to try to find out how to track the culprit down. From analysing the header information I can now establish the spoofer knows how to forge header information. Even when you work out which "received from" is the originators it tends to just say "unknown" and if there is an IP address these are just the global ones from organisations such as RIPE - and if you contact them they won't even tell you who has the IP range involved!! This probably explains why you would not be able to block the IP addresses.

                    As for clues based on contact; well the original batch reported here was an english/american style email and was the same email in all 6000+ return messages. However, just when I thought I'd beaten him he started again yesterday morning this time with an email in Russian (I think). I then redirected all my voda site email addresses to another ISP I occasionaly use so as to seperate the spoof (as much as possible) from the real emails. This time, thankfully, appears to have only been a 24 hour attack involving around 2000+ emails.

                    I have now reverted my voda site emails back to my original address so we will see what happens now!!

                    One lesson I have learned from this is that is is useful to have a backup email address through a different ISP than your main 1. Then use one of your web site email addresses (so I now will look to use dave@daveshoreconsulting.com) and then if you get this type of problem you can go in through the Control Panel and change your Forwarders to the back up address until the dust settles (hopefully). That said you need to also establish from your ISP at what capacity level they start to reject emails, and not knowing that is why I got up every 3 hours during the night to clear my inbox!!

                    This is a big problem, and I think the person that can find a solution to this will be a millionaire overnight! I'm working on it............

                    Regards,
                    Dave

                    Comment

                    • metaldoc
                      Sergeant

                      • Jul 2006
                      • 21

                      #11
                      Re: Email spoofer

                      Good luck with the solution, I had a similar problem but mine was easy to fix as I could set a rule with my provider and divert them to trash where they were immediately deleted. I am sure the culprit can be tracked by the right authorities but they probably won't bother unless it was a major organisation or national security issue.

                      Comment

                      • LadyEye
                        General & Forum Moderator

                        • Jun 2006
                        • 10526

                        #12
                        Re: Email spoofer



                        The above is a link, provided by Naval Design as well ... this link takes you to a place you can encrypt your email and the spammers cannot get it, this was easier for me for my site than the forms he also provides.

                        I had a few different emails on my site in a ton of places, I still today am changing them..

                        I had this happen to me, not to your extent, but I attributed it to the fact that spammers are getting my email addys off my site, and are trying to send me spam, my emails all have auto responders, so when my auto responder sends an email back to them, well of course, the email won't go, therefore I was getting bounced messages that my mail could not be delivered.

                        I am hoping my problem will be corrected - one spam place which is stock news, sends from 69stocknews.com 88stocknews.com 44stocknews.com and so on .... an endless amount of numbers ...

                        I am hoping this will correct my situation, failing short of getting a new email address as well ....

                        It is a cruel world, without a doubt.

                        VodaHost

                        Your Website People!
                        1-302-283-3777 North America / International
                        02036089024 / United Kingdom
                        291916438 / Australia

                        ------------------------

                        Top 3 Best Sellers

                        Web Hosting - Unlimited disk space & bandwidth.

                        Reseller Hosting - Start your own web hosting business.

                        Search Engine & Directory Submission - 300 directories + (Google,Yahoo,Bing)


                        Comment

                        • daveshore
                          Sergeant First Class

                          • Jul 2005
                          • 53

                          #13
                          Re: Email spoofer

                          Thanks to Metaldoc & LadyEye for your support and advice.

                          If there is one thing for sure it is that this forum is a great place to get support in a time of crisis!! I'm currently praying that I have weathered the storm, but I think tonight will be the tester as I have not had 2 consecutive nights without being attacked since Friday last. There is still a trickle of mail delivery failure messages coming in, but I am now down to around 20 in the day and not the 6 per minute at its peak!!

                          I guess the other frightening thought is, how many emails reached a valid email address? I know that some must have because I also got a number of "out of office" replies!!

                          Regards,
                          Dave

                          Comment

                          Working...
                          X