[BNM] Email hijacking

Guy Tierney guy at south.co.uk
Mon Oct 2 09:55:52 BST 2006 

That's the fella. Didn't realise that it wasn't universally adopted - shame
but it does seem a bit of a kafuffle to set up - especially if you are using
multiple sites and or providing clients with email addresses from your
domain.

gt


on 2/10/06 9:51 am, Richard Maynard at rjm at wessexnetworks.com wrote:

> Guy,
> 
> You're thinking of SPF - Sender Policy Framework.  I think it involves
> adding an "SPF" record to your DNS server which receiving MTA's then have to
> read, and match incoming message sources against.
> 
> http://www.openspf.org/
> 
> Hotmail I think are the only major adopter of SPF.  It is by no means a
> guaranteed method of preventing email forgery, but a definitely a step in
> the right direction.
> 
> I would hope if you moved IP that the MTA sending your messages back would
> say "sorry, SPF mismatch" or something similarly useful!
> 
> Regards,
> 
> Richard.
> 
> -----Original Message-----
> From: Guy Tierney [mailto:guy at south.co.uk]
> Sent: 02 October 2006 09:38
> To: Brighton New Media
> Subject: Re: [BNM] Email hijacking
> 
> Is there not a certificate you can set up on your domain that would prevent
> anyone using this address as a sender address unless it matched the IP
> numbers you list in the certificate?
> 
> Sorry can't remember what it was called - I don't use it as it sounded like
> the type of thing I would forget should I change ISP, therefore IP, and not
> understand why my mail wouldn't send :)
> 
> gt
> 
> on 2/10/06 9:24 am, Jay Gooby at jay at gooby.org wrote:
> 
>> On 10/2/06, Jeff Horne <jaybeeter at googlemail.com> wrote:
>> 
>>> Hi all,
>>> 
>>> I need a bit of email techie help if you're willing.  Over the last
>>> week the amount of emails in my inbox has increased about 10 fold and
>>> most of them are saying "undeliverable" or things like that.
>> 
>> The general reason for these kind of messages is that when people spam
>> others, they fake the From: address - a lot of email MTUs just blindly
>> reply back to the from address if the To: address doesn't exist/has a
>> full mailbox, etc, etc, regardless.
>> 
>> It rarely means your machine/email account has been compromised - if
>> anything it's generally a sign that someone you know has, because your
>> address appears in the their address book, and the spamming viruses go
>> through these and send mail to everyone using other people's details.
>> 
>> If the undeliverable mails don't look like they've been used to try
>> and forward a virus (check for dodgy attachments) and they're just
>> regular spam, then its just one of those things - I've got some mail
>> addresses that have been in existence for 10 or 11 years and these
>> seem to go through phases of being used as fake From: senders.
>> 
>> It wouldn't hurt to run a virus checker and/or spyware (use ad aware
>> and spybot search and destroy) on your PC though...
>> 
>> Hope this helps.
> 
>

More information about the BNMList mailing list
BNMList is hosted by Screenlists, a Screen-Play.net service