|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
17 Oct 2006, 05:59 AM | #1 |
Senior Member
Join Date: Jan 2002
Location: Dublin, Ireland
Posts: 128
|
Joejob on my domain; anyone else?
My domain "greylines.net" is being forged as the sender of stock spams. The addresses are in the format
'3-5 random letters@domain name.tld' with names attached. The spams mostly contain a gif showing stock tips which is the real content and some unassociated text lifted from random sites. I think its one of the new polish spam gangs but Icbw. Anyone else getting this? |
17 Oct 2006, 06:29 AM | #2 |
Cornerstone of the Community
Join Date: Jan 2003
Location: Oxfordshire, UK
Posts: 603
|
LazyGun,
I think a lot of people have been getting these in the last few days - just look at the other threads. I have a virtual domain also, but I've been getting exactly the same as you to my fastmail account. I have now got a sieve script in place to junk everything coming to my fastmail account (except for some white listed sender addresses) from fastmail themselves. J. |
17 Oct 2006, 08:46 AM | #3 |
Cornerstone of the Community
Join Date: Jan 2003
Location: The Village
Posts: 616
|
I've also been getting joe-jobbed recently, but not to any of my 3 private domains, rather to random letter sequences AT myusername.myfmdomain.tld. I've made extensive use of this "own-subdomain" feature, so it doesn't surprise me...
Dave |
17 Oct 2006, 10:31 AM | #4 |
Moderator
Join Date: Aug 2001
Location: USA Northwest
Posts: 3,849
|
It only takes a bit of sieve to fix this, using the x-backscatter header. This is why I like Fastmail. My mailshell.com account doesn't have anything I can hook and I'm also being joejobbed there. That service is just about useless to me now. I'm probably going to begin discarding the backscatter without any review but here's my script now.
PHP Code:
|
17 Oct 2006, 03:01 PM | #5 |
Cornerstone of the Community
Join Date: Jan 2003
Location: Oxfordshire, UK
Posts: 603
|
My spam is only to my fastmail address too. I've used sieve (via Kurian) to simply kill all emails to my fastmail address as I only use my virtual domain. The script whitelists some addresses that fastmail themselves use.
if allof(not header :regex "From" "(bounce|webmaster)@(fastmail.(fm|co.uk)|messagingengine.com)", header :regex "To" "<myaccountname>.fastmail") { fileinto "INBOX.Junk Mail"; } James. |
17 Oct 2006, 03:44 PM | #6 |
Senior Member
Join Date: Oct 2003
Posts: 102
|
I have also been getting Backscatter with 3-6 random letters before the @. I've noticed some of them do not have the X-Backscatter flag on them. Some of them claim to be 'an Out of Office Autoreply' others claim to mailing list errors. Seems like they should be caught as backscatter is there a place to report these?
I put in some sieve code to catch these: Code:
if address :regex "X-Delivered-to" "^[a-z0-9]?[a-z0-9]?[a-z0-9]?[a-z0-9]?[a-z0-9]?[a-z0-9]?@mydomain\\.tld" { fileinto "INBOX.Junk Mail"; stop; } |
17 Oct 2006, 04:02 PM | #7 |
Moderator
Join Date: Aug 2001
Location: USA Northwest
Posts: 3,849
|
The autoreplies are not backscatter since they are not bounces. They're replies. That is just spam generated by ignorant people. I can't filter those except by looking for headers like Auto Generated: Auto Reply. I get the same junk from Challenge Response systems asking me to verify that I want to send them mail
|
18 Oct 2006, 04:58 AM | #9 |
Moderator
Join Date: Aug 2001
Location: USA Northwest
Posts: 3,849
|
You know, since writing it I have been having these guilt feelings. I don't even need to read your link to have some misgivings. Is that a retraction? I don't know, but when you read the mail headers it's clear that a bounce is different than an out of office reply. The message id is different so that's where I was coming from.
And I could fix that error on wikipedia couldn't I |
18 Oct 2006, 03:40 PM | #10 |
Senior Member
Join Date: Oct 2003
Posts: 102
|
And I could put it back, with truthiness on my side...
But seriously I understand trying to match all possible types would be a pain, with diminishing returns for each new type. Perhaps email needs a new standard header flag for all "Auto-Reply" type messages |
18 Oct 2006, 03:52 PM | #11 |
Moderator
Join Date: Aug 2001
Location: USA Northwest
Posts: 3,849
|
I've been scouring my mailshell.com headers for days trying to see how they are different when bounced to me versus mailed to me... and today have figured it out. But there is no diff between mailed to me or auto replied to me, unless the sender courteously adds that header you mentioned, something like "Auto Replied" -- it would be handy, but the spammers would leave it out since it doesn't help them deliver.
|