[BNM] Email hijacking

Richard Maynard rjm at wessexnetworks.com
Mon Oct 2 09:51:45 BST 2006


Guy,

You're thinking of SPF - Sender Policy Framework.  I think it involves
adding an "SPF" record to your DNS server which receiving MTAs then have to
read, and match incoming message sources against.

http://www.openspf.org/

Hotmail I think are the only major adopter of SPF.  It is by no means a
guaranteed method of preventing email forgery, but definitely a step in
the right direction.

I would hope if you moved IP that the MTA sending your messages back would
say "sorry, SPF mismatch" or something similarly useful!

Regards,

Richard.

-----Original Message-----
From: Guy Tierney [mailto:guy at south.co.uk] 
Sent: 02 October 2006 09:38
To: Brighton New Media
Subject: Re: [BNM] Email hijacking

Is there not a certificate you can set up on your domain that would prevent
anyone using this address as a sender address unless it matched the IP
numbers you list in the certificate?

Sorry can't remember what it was called - I don't use it as it sounded like
the type of thing I would forget should I change ISP, therefore IP, and not
understand why my mail wouldn't send :)

gt

on 2/10/06 9:24 am, Jay Gooby at jay at gooby.org wrote:

> On 10/2/06, Jeff Horne <jaybeeter at googlemail.com> wrote:
> 
>> Hi all,
>> 
>> I need a bit of email techie help if you're willing.  Over the last 
>> week the amount of emails in my inbox has increased about 10 fold and 
>> most of them are saying "undeliverable" or things like that.
> 
> The general reason for these kinds of messages is that when people spam 
> others, they fake the From: address - a lot of email MTUs just blindly 
> reply back to the from address if the To: address doesn't exist/has a 
> full mailbox, etc, etc, regardless.
> 
> It rarely means your machine/email account has been compromised - if 
> anything it's generally a sign that someone you know has, because your 
> address appears in their address book, and the spamming viruses go 
> through these and send mail to everyone using other people's details.
> 
> If the undeliverable mails don't look like they've been used to try 
> and forward a virus (check for dodgy attachments) and they're just 
> regular spam, then it's just one of those things - I've got some mail 
> addresses that have been in existence for 10 or 11 years and these 
> seem to go through phases of being used as fake From: senders.
> 
> It wouldn't hurt to run a virus checker and/or spyware (use ad aware 
> and spybot search and destroy) on your PC though...
> 
> Hope this helps.


