liv: cast iron sign showing etiolated couple drinking tea together (argument)
[personal profile] liv
So something is sending vast quantities of spam from my email address. Does anyone have any advice?

I have an email address that I use on websites I really don't trust, especially the kind where they are prone to displaying your email address in the clear. And it turns out I was right not to trust them, because some time yesterday evening I started getting absolutely floods (more than a hundred mails per hour) of bounce messages suggesting that this honeytrap email address had been sending out Viagra spam.

I have ended up turning off that email address altogether, because I couldn't cope with that many bounce messages. I only use it for authentication with dodgy websites, and for Facebook notifications. I would prefer FB didn't know my email address at all, and since they must have one, I don't really care whether I receive email notifications when someone tags me or they just randomly decide I haven't interacted with their site in revenue-generating ways recently.

But is there anything else I can do? Firstly to protect myself, and secondly to be socially responsible and prevent people from getting spammed in my name?

I think, but I don't know, that the spam machine is just inserting my email address into the "from" field, it doesn't actually have access to any accounts I own. Is there any way I can verify that this hunch is correct?

Is there any way I can reactivate the email address but not get thousands of bounce messages due to the spam apparently originating from it? Maybe just waiting a while, or is the the address hopelessly contaminated forever? This isn't a high priority, but it would be somewhat convenient to have access to that email address.

If I create a new honeytrap email address, is there any way I can prevent this from happening again? Probably not, but perhaps plus addressing or something similar would work?

Can I do anything at all to stop the spammers? I assume not, because they're not actually sending email from anything I control, just pretending that they're doing so. I'm also a bit scared that this problem may lead to my whole domain getting blacklisted, but again, I may just have to accept that this could happen and probably there isn't anything I can do.

(no subject)

Date: 2017-01-11 02:13 am (UTC)
siderea: (Default)
From: [personal profile] siderea
Are there any common elements to To, From or Title that would let your email software filter the bounces out to Junk Mail?

Oh please no. Bounces are about spam, but they are not spam themselves, they are legitimate; if you filter them into any dynamic spam-learning Junk Mail folder, you are training the spam system to think that legitimate bounce messages are spam, and that's bad for us all.

If you're going to filter, filter into a special folder just for this. I have a folder called "joejob" (see Azz's comment for why) and filter suspicious bounces into it for review and then deletion.

(no subject)

Date: 2017-01-11 08:12 am (UTC)
ewx: (Default)
From: [personal profile] ewx
Legitimacy of bounces: up to a point. When MTA operators (either end systems or open relays) produce bounces in situations where a transport-level rejection would have been perfectly practical, and bystanders are deluged with bounced spam as a result, it shouldn't surprise anyone if the rest of the net acts to protect themselves from those MTA operators' negligence.

Soundbite

Miscellaneous. Eclectic. Random. Perhaps markedly literate, or at least suffering from the compulsion to read any text that presents itself, including cereal boxes.

Page Summary

Top topics

March 2017

S M T W T F S
    1234
56 7 891011
12 1314 15161718
1920 21 22232425
262728293031 

Expand Cut Tags

No cut tags

Subscription Filters