1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Reply to: Considered UNSOLICITED BULK EMAIL, apparently from you

Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "Considered UNSOLICITED BULK EMAIL, apparently from you"

Collapse
  • NickFitz
    replied
    Originally posted by Platypus View Post
    So, it seems that it was just a faked header, in which case, SPF should help (??) because the SPF record indicates that the mail is of fake origin. True?
    Probably. TBH I just ignore that stuff - it usually subsides after a day or so.

    Leave a comment:

  • Platypus
    replied
    Originally posted by NickFitz View Post
    Assuming your FormMail.pl is only used to send stuff to you, you can hard-code your email address in the script rather than taking it from query parameters, and then it can't be used to email anyone else.

    The headers of the bounced spam should allow you to see where it originated. The message you quote seems to think it came from AOL, so unless that's the SMTP server used by your script, that won't be it.
    Thanks, Nick.

    The addresses are hard-coded into FormMail.pl (there are several options, contact person A, contact person B, etc).

    AOL isn't the SMTP server used by my script.

    So, it seems that it was just a faked header, in which case, SPF should help (??) because the SPF record indicates that the mail is of fake origin. True?

    Leave a comment:

  • NickFitz
    replied
    Originally posted by Platypus View Post
    My website includes a "response form" which uses FormMail.pl, which I thought is secure.

    How can I tell if the email originated from my website via FormMail or is simply a bogus "reply address" in the header?

    Thanks!
    Assuming your FormMail.pl is only used to send stuff to you, you can hard-code your email address in the script rather than taking it from query parameters, and then it can't be used to email anyone else.

    The headers of the bounced spam should allow you to see where it originated. The message you quote seems to think it came from AOL, so unless that's the SMTP server used by your script, that won't be it.

    Leave a comment:

  • voodooflux
    replied
    Originally posted by Platypus View Post
    I don't have an issue with backscatter - I get one of these "bounce" messages every month or so, not hundreds per day.

    And if my FormMail.pl has been compromised (???) then as far as I can tell, an SPF record isn't going to help, as email will originate from my domain.

    Sorry if this sounds ungrateful - certainly not - I'm just trying to understand the issue!

    TIA.
    No worries, you're correct in that SPF won't help if FormMail.pl is the culprit as the SMTP relay will be valid according to the SPF record.

    Does the form mail do any logging?

    Leave a comment:

  • Platypus
    replied
    Originally posted by voodooflux View Post
    Configuring an SPF record against my domain did the trick for me - pretty much solved my backscatter issues overnight.
    I don't have an issue with backscatter - I get one of these "bounce" messages every month or so, not hundreds per day.

    And if my FormMail.pl has been compromised (???) then as far as I can tell, an SPF record isn't going to help, as email will originate from my domain.

    Sorry if this sounds ungrateful - certainly not - I'm just trying to understand the issue!

    TIA.

    Leave a comment:

  • voodooflux
    replied
    Originally posted by Platypus View Post
    I received this notification today.
    Is there anything I can do about this? i.e. stop people abusing my email address?
    Configuring an SPF record against my domain did the trick for me - pretty much solved my backscatter issues overnight.

    Leave a comment:

  • Platypus
    replied
    Originally posted by xoggoth View Post
    Is this just email provide by your ISP or do you have mailers on a website? If latter, I could suggest some secure scripts that appear to work.
    My website includes a "response form" which uses FormMail.pl, which I thought is secure.

    How can I tell if the email originated from my website via FormMail or is simply a bogus "reply address" in the header?

    Thanks!

    Leave a comment:

  • xoggoth
    replied
    Is this just email provide by your ISP or do you have mailers on a website? If latter, I could suggest some secure scripts that appear to work.

    Leave a comment:

  • Platypus
    started a topic Considered UNSOLICITED BULK EMAIL, apparently from you

    Considered UNSOLICITED BULK EMAIL, apparently from you

    A message from <Platypus> to:
    -> Platypus

    was considered unsolicited bulk e-mail (UBE).

    Our internal reference code for your message is (blah blah)

    The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party, in which case we apologize for undesired notification.

    We do try to minimize backscatter for more prominent cases of UBE and for infected mail, but for less obvious cases of UBE some balance between losing genuine mail and sending undesired backscatter is sought, and there can be some collateral damage on both sides.

    First upstream SMTP client IP address: [217.19.154.21] According to a 'Received:' trace, the message originated at: [217.19.154.21],
    mail.aol.com (unknown [217.19.154.21])

    Return-Path: <Platypus>
    Message-ID: <20091010191338.82EBD57287@netserver>
    Subject: Dear Platypus 89% 0FF on Pfizer !

    Non-encoded 8-bit data (char A9 hex): From: \251 VIAGRA \256 Offic...
    I received this notification today.
    Is there anything I can do about this? i.e. stop people abusing my email address?

    I suspect not.
    Tags: None

Advertisers

  1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
Working...
X