[Lazarus] that's surprised me a lot

Sat Oct 1 18:18:00 CEST 2016

I've used AuthSMTP for years to send all of my email to avoid black list 
problems.

On 10/01/2016 11:01 AM, Josh via Lazarus wrote:
> Hi
>
> Sounds like backscatter mail;
> Sender is spoofing your email; as long as you have valid spf, and dkim
> for the sending domain the spoofed email should be picked up by most
> well configured mail server as not originating from sender and not
> deliver; sometimes the mail server may send a message back to your
> server informing you that an email was received that failed spf and dkim
> and was not delivered.
>
> An analogy would be somebody sending a letter to an unknown person and
> placing your home address as the sender on the envelope; the person it
> was sent to opens it; and send back 'return to sender'; you then get the
> letter as your home address is on the letter,having not sent it in the
> first place, very annoying.
>
> Sometimes an email or domain can be attacked in this way to send out
> spam/viruses etc, and by having valid spf/dkim etc should reduce the
> possibility of this happening; however one thing that you will need to
> check regularly is that you do not get black listed use something like
> mxtoolbox to check your domain is not black listed; as if your getting
> attacked in this way and spam/viruses are 'appearing' to come from your
> domain; mail servers can be configured to auto report this activity to
> the likes of protected sky etc causing a blacklisting; once your
> blacklisted you will have problems sending to the likes of
> hotmail,gmail,aol,yahoo etc as well as company mail servers that use
> these blacklisting services as blacklist filters.
>
> if you getting problems sending to gmail/yahoo/hotmail,outlook, live
> etc. Make sure that you have signed up to the bulk mail sending service
> ( or something like that; it is specific to each one so may take some
> googling) so that they do not block you dead; hotmail,outlook,live etc
> if you get black listed can take some time to get cleared as it is not
> automated and is done by human and you will have to jump through some
> hoops to clear it.
>
> I come across this a lot; it seems to have escalated in the last 6
> months. I have one mail server that is only confirming less than 0.2% as
> valid emails a months; the rest 99.8% is backscatter/spoofed emails;
> that you have no control over as you have not sent them. On this one
> server it was getting blacklisted twice a week; I even took the server
> down for a 2 week period; and it was getting blacklisted during this
> period.
>
> Just food for thought.
> Might be of use.
>
> -----Original Message----- From: Sascha Hestermann via Lazarus
> Sent: Saturday, October 01, 2016 4:02 PM
> To: Lazarus mailing list
> Cc: Sascha Hestermann
> Subject: Re: [Lazarus] that's surprised me a lot
>
> Am 01.10.2016 um 13:48 schrieb Shaun via Lazarus:
>>
>> sorry to inform you but the link leads to a scam site that has been
>> doing the rounds for quite some time.
>
> That's indeed a spam mail and it wasn't sent by me. As far as I can tell
> they faked the sender and used my name and mail address.
>
> Looking as the source code of the mail reveals it was sent by
> 109241132252.raciborz.vectranet.pl via mailhost.mobimail.mobitelnet.lk,
> so no Gmx was involved.
>
> Since a few month I have seen several of such mails and also get
> "Undelivered Mail Returned to Sender" mail from time to time for mails I
> did not sent.
>
> I don't think I can do anything about that as the mails are neither send
> by me nor by my computer.