Ming the Mechanic:
Forwarding and spam
The NewsLog of Flemming Funch
 Forwarding and spam2007-06-20 23:59
5 comments
by Flemming Funch

The ISP that hosts one of my two dedicated servers sent me a message today. The abuse department. Essentially the message is that they have too many complaints about people receiving spam from my server and they're going to block it.

They had written a couple of weeks ago too. After I asked them very nicely they sent back a sample of a message they had gotten a complaint about. Essentially it was just one of the mail users on my server that has his mail forwarded to his yahoo account. So, vicepresident@a-non-profit-organization.org is forwarded to somebody@yahoo.com. And the thing is that spam is forwarded too, and sometimes he hits the spam button.

But Yahoo is apparently so incompetent in treating this that they don't notice that the spam didn't come from my server at all. That particular spam came from somebody in Brazil, and that was clearly visible in the headers of the message. As was the fact that the message was forwarded and from what account. But they still turn around and send an abuse message to my ISP, stating that they've received spam from my server. And when my ISP has gotten a certain number of those, they shut me down.

What on earth am I supposed to do about that? Forbid that anybody forwards their mail?

That server has quite a few mail accounts, mostly for non-profit groups that have a website on the server. And most of those mail addresses forward to where people really pick up their mail. There's also a lot of mailing lists on the server, but I suppose that's not the issue here.

What I did today was that I set up Spamassassin to process the incoming mail. So, anything that's likely to be spam gets marked with "***SPAM***" in the subject line, plus a whole bunch of mail headers are added to the message, explaining why it looks like spam.

I wonder if that will make a difference to Yahoo. Otherwise I'll have to figure out how to trash anything that looks like spam which otherwise would be forwarded to Yahoo, and that's a much harder configuration job.



[< Back] [Ming the Mechanic]

Category:  

5 comments

26 Jun 2007 @ 00:32 by ming : Forwarding mail
Thank you for that insight, even though it isn't good news. I suppose I might have to do that too, route that mail through a different server, or trash anything that looks like spam altogether. But I'm not having much fun with mail server configuration, so it is a lot of hassle for a few dozen accounts.  

1 Aug 2007 @ 15:56 by JimBob @76.172.50.181 : Forwarding spam
It seems to me there's a problem with forwarding spam, at least from AOL, if something I've been told is true. I.E, that when you open spam, the spammers KNOWS you've opened it and that makes you at least a "warm" target if not a "hot" one, meaning they'll keep hitting you. With AOL (including AOL.COM) when you forward, it opens the spam in order to forward. So, the more I send PayPal spoofs to PayPal (obviously, I'm not someone they want to target) the more they lard me up with spam emails. So, the question I'm obviously asking: is there a way around this? I really want to f these spammers up if possible, but not at the cost of receiving ten times more spam. Thanks.  

13 Aug 2007 @ 20:44 by rayon : Same maybe with
 

21 Jul 2008 @ 13:31 by ming : Spam
You got a point there. Yahoo can be sure where they got the mail from, as my mail server was talking with theirs, and they know its IP. But, yes, as to the previous history they of course can't really trust whatever headers I pass on. A spammer will often fake those.

So, hm, is the conclusion that one just better not forward anything, unless one stops most spam before one forwards? I suppose. It just still gives me a problem on what to do with the forwarding accounts I have on my server. I suppose I could configure my spam filter to throw away spam before forwarding, although that might be complicated. For normal mail that arrives in people's mailboxes, I prefer that they make that decision themselves, rather than the server, which isn't perfect.  

23 Jan 2011 @ 13:32 by MikeW @212.209.45.98 : Alerting spammers
"the spammers KNOWS you've opened it " - only if you display any linked images. If you just open it as plain text (or if your email reader is smart enough to block any outgoing links) you will not alter the spammer.  

Other stories in
2012-05-03 00:04: An evolving path
2012-01-02 13:52: 2011 Accomplishments and 2012 Aims
2011-11-17 02:20: Your inner piece
2011-02-01 00:05: Slow Mo Flow
2011-01-22 18:40: Recognition
2010-08-23 00:36: Where's Ming?
2010-07-20 14:24: Getting other people to do stuff
2010-06-22 00:27: Inventory
2010-06-19 23:10: Conversations
2009-10-28 12:31: Then a miracle occurs


[< Back] [Ming the Mechanic] [PermaLink]? 


Link to this article as: http://ming.tv/flemming2.php/__show_article/_a000010-001864.htm
Main Page: ming.tv