Email Discussion

gillumhouse's picture
Offline
Joined:
05/22/2008

In another Forum, I started a thread about why one should NOT use a free email like gmail, hotmail, etc. John Hinton of EW3D.com posted a better answer as to why to use ONLY mydomainname.com - that is the ONLY domain name YOU control.

Then someone posted about how she bounces spam back to the spammers. This is John's (with his permission to post) answer as to why that is not a good idea. You tech savvy probably already know this but those like me who know-nothing may learn from it. Here goes:

 

I'm going to take on trying to give a bit of an explanation to email headers. I have taken a few lines from the header of a spam sent to me. If you decide to view headers of an email yourself, you need to know to read them from bottom to top. The bottom is where the email starts, the top is where it lands in your box. To help everyone understand, I'm starting with lines from the bottom and working my way up. My comments on each line are inside the --- marks

Subject: [SPAM] =?GB2312?B?RGlnaXRhbCBQaG90byBFZGl0aW5nIFNlcg==?=
=?GB2312?B?dmljZXMgLSBQaG90byBDdXRvdXQgLSBQaA==?=
=?GB2312?B?b3RvIFJldG91Y2hpbmc=?=
---The spammer used Base64 encoding trying to avoid spam filtering. I won't post the unencoded subject line as I don't want to help them. The [SPAM] flag was added by our anti-spam system. The entire message was also Base64, so it is more difficult for most anti-spam systems to read.---

Reply-To: <ICHANGEDTHIS@ICHANGEDTHIS.com>
---As this was an ad for a service, this email address was likely a good one. I changed it in this post so I wouldn't be promoting the domain---

To: "ME" <MYEMAILADDRESS@MYDOMAIN.com>
---This was my legit email address---

From: "Rick" <AUSERNAME@yahoo.de>
---I changed the username to protect this email address as it looks to be spoofed. If you bounced the message, it would go to this account---

Received: from host1 (unknown [61.191.37.115])
by info.antares-mebel.ru (Postfix) with ESMTP id 0035C18C6D0;
Thu, 13 Dec 2012 20:57:49 +0000 (UTC)
---This email positively originated from the server located at 61.191.37.115. I did a lookup on antares-mebel.ru and got no results, so it seems bogus. However, a lookup on 61.191.37.115 shows it is managed by CHINANET Anhui province network.---

Received: from info.antares-mebel.ru (unknown [193.33.62.35])
by MYMAILSERVERNAME (Postfix) with ESMTP id 3B5653C0BAA
for <ME@MYDOMAIN.com>; Thu, 13 Dec 2012 19:40:02 -0500 (EST)
---It seems that 61.191.37.115 passed this email along to another server, 193.33.62.35 still using that bogus domain name. This IP address is controlled by Prokma-Telecom JSC RU. So this email originated on a China internet service and was sent through a server in Russia---

End header posting....

I didn't bother with the top of the headers as they aren't important here. What we learn here is this email never went through any yahoo.de mail systems. Yahoo.de is the German version of yahoo.com, to my knowledge owned and operated by yahoo.com but a German interface. My point is yahoo.de is legitimate and we need to accept mail from them. To my knowledge bounce always uses the 'From' address and not the 'Reply-To' address. So the bounce goes to an account that did not send the message.

Now for trickery. This spammer is most likely in China (although they could be only using an account in China and be anywhere in the world). They could easily set up a free Yahoo account at yahoo.de. This would be where the bounces would be received. Bounces are normally from legitimate email addresses, otherwise they are normally 'Rejects'. (I say normally because there are a number of uninformed mailserver admins in the world as well.) The spammer could use this account to verify good email addresses to know which ones to positively keep on his list. 'Verified' email addresses are a hot commodity to spammers. Those lists can be sold for good money. Or maybe he just grabbed a poor soul's email address to use as the 'From' address so the bounces wouldn't come back to him.

If you have bounced email, don't feel bad or dumb or anything like that. As I said above, it is a mistake made by a lot of mailserver admins and the spammers abuse those poorly configured systems. Combine that with the thought that you can spam the spammer and it becomes irresistible! It just doesn't do what you think it is doing. Now, if you know your irate sister-in-law's email address and it is the 'From' address, you can bounce the gripes back to her. ;-)
Posted by John Hinton
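
The bottom-to-top reading John walks through above can be automated. The following is an added example, not part of John's post: it parses the header lines he quoted (placeholders kept as he wrote them; the function names and the omitted subject text are assumptions made here), lists the relay hops oldest first, checks whether the 'From' domain ever appears in the path, and shows where a bounce addressed to 'From', as the post describes, would land compared with a normal reply.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Header lines as quoted in the post, in on-the-wire order
# (newest Received line first, oldest last). Subject text omitted on purpose.
RAW = """\
Received: from info.antares-mebel.ru (unknown [193.33.62.35])
\tby MYMAILSERVERNAME (Postfix) with ESMTP id 3B5653C0BAA
\tfor <ME@MYDOMAIN.com>; Thu, 13 Dec 2012 19:40:02 -0500 (EST)
Received: from host1 (unknown [61.191.37.115])
\tby info.antares-mebel.ru (Postfix) with ESMTP id 0035C18C6D0;
\tThu, 13 Dec 2012 20:57:49 +0000 (UTC)
From: "Rick" <AUSERNAME@yahoo.de>
To: "ME" <MYEMAILADDRESS@MYDOMAIN.com>
Reply-To: <ICHANGEDTHIS@ICHANGEDTHIS.com>
Subject: [SPAM] (encoded subject omitted)

"""
MSG = message_from_string(RAW)

# "from <claimed name> (<reverse DNS> [<connecting IP>]) by <receiving host>"
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def relay_path(msg):
    """Hops oldest first: (claimed sender name, connecting IP, receiving host)."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if m:
            hops.append((m.group(1), m.group(3), m.group(4)))
    return hops

def from_domain_seen_in_path(msg):
    """True if the From domain matches any host named in a Received line."""
    domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    hosts = {h.lower() for name, _, by in relay_path(msg) for h in (name, by)}
    return any(h == domain or h.endswith("." + domain) for h in hosts)

def bounce_vs_reply(msg):
    """(address a From-based bounce would hit, address a normal reply would hit)."""
    return parseaddr(msg["From"])[1], parseaddr(msg["Reply-To"])[1]

if __name__ == "__main__":
    for name, ip, by in relay_path(MSG):
        print(f"{name} [{ip}] -> {by}")
    print("From domain in relay path:", from_domain_seen_in_path(MSG))
    print("bounce goes to %s, reply goes to %s" % bounce_vs_reply(MSG))
```

Only the Received line written by your own mail server records an address you can rely on; lines below it were supplied by the sending side.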
 

Madeleine's picture
Offline
Joined:
09/29/2011

Because spammers used my domain name for spam we cannot use our domain name to send email confirmations as our guests don't get them. AOL, Yahoo, Microsoft email- none of them get thru. I had to revert to our '3rd party' email account. It stinks because we look like amateurs but the emails are getting thru now.

__________________

Everyday, for good or ill, we intersect with someone else's story and become a part of it.

 

Offline
Joined:
05/30/2008

I used the info@mydomain.com and a few others from the website (for vendors, etc.) Then, they dumped into my Gmail accounts into buckets that I managed through Thunderbird so that I didn't have to use webmail to check my inn mail. I could also view the mail on one of the first smartphones this way. (I used Thunderbird because this was before Google made some upgrades to their mail program.)

The advantage of having mail somewhere else other than just your web hosting mail, is that when you close your biz and take down your website, you have all your mail.

There are lots of ways to manage mail.  Outlook has become easier to use on smartphone devices, too. 

__________________

People don't notice whether it's winter or summer when they're happy.
~ Anton Chekhov

 

Offline
Joined:
05/22/2008

Thanks for sharing. Nothing I didn't know already, but the other reason to stick with using your domain for the email address is that if you ever change ISP, you can more easily just edit your email address in one place and not have to worry about telling the world you have a new email. And of course everyone should know NEVER to reply to spam. It won't do a bit of good.
