Security Basics mailing list archives
Re: e-mail tracing
From: "Paul Kurczaba" <paul () myipis com>
Date: Sat, 11 Sep 2004 14:02:38 -0400
What email system are you using? If your email server is configured to allow messages sent from your domain (ex. From: joe () yourdomain com), then yes, spammers can be abusing your email server.
-Paul----- Original Message ----- From: "phrag" <phrag () slackcon org>
To: <security-basics () securityfocus com> Sent: Thursday, September 09, 2004 10:25 AM Subject: Re: e-mail tracing
I also used to get miscreants using my mail server to relay mail, although ihave turned on smtp authentication which has stopped that, but they stillspoof the address to that of mine, which also causes me to get replies from sometimes., I have also got a couple of password reset requests from stupid spoofed address's that don't resolve, but which seem to be bounced back to mymain domain email. Does this still mean they are using it to relay? Thanks, -- phrag [Slackware-current Linux 2.4.26] On Wednesday 08 September 2004 20:42, CHRIS GRABENSTEIN wrote:Yeah, I never thought about that too much until it started happening to me.For the last few months, someone has been using my domain as the faked source for a variety of emails attempting to drive up the prices of a fewstocks. The bounced emails I get are annoying enough, but we all know thereare a lot of admins out there that will see fit to just block all email from my domain. It's rather frustrating; I can only imagine the havoc it could cause for innocent businesses getting stuck on random blacklists. -----Original Message----- From: P S [mailto:seclistmail () hotmail com] Sent: Thursday, September 02, 2004 2:31 PM To: securityfocus () delahunty com Cc: security-basics () securityfocus com Subject: Re: e-mail tracing -snip- Steve had an interesting point, up until now I thought all this spamming only makes the end user mad, getting all that junk, I never even thought about the faked domains and their real owners. Thank you again, Peter S -snip- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html --------------------------------------------------------------------------- ----------------------------------------------------------------------------Computer Forensics Training at the InfoSec Institute. All of our class sizesare guaranteed to be 12 students or less to facilitate one-on-oneinteraction with one of our expert instructors. Gain the in-demand skills ofa certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- RE: e-mail tracing Steven McLaughlin (Aug 31)
- <Possible follow-ups>
- RE: e-mail tracing Ryan Murphy (Aug 31)
- Re: e-mail tracing Tomas Wolf (Sep 02)
- RE: e-mail tracing David Gillett (Aug 31)
- Re: e-mail tracing Steve (Sep 02)
- RE: e-mail tracing LordInfidel (Sep 01)
- Re: e-mail tracing P S (Sep 08)
- RE: e-mail tracing CHRIS GRABENSTEIN (Sep 09)
- Re: e-mail tracing phrag (Sep 10)
- Re: e-mail tracing Paul Kurczaba (Sep 13)
- Re: [low probable spam] Re: e-mail tracing Steve (Sep 16)
- Re: e-mail tracing phrag (Sep 10)
- Re: e-mail tracing Gaurav Kumar (Sep 12)
- e-mail tracing Hayden Searle (Sep 10)
- RE: e-mail tracing David Gillett (Sep 13)