Results 1 to 10 of 10

Thread: Spoofing??

  1. #1
    Websync is offline What's a Guru? I want to be a GlowRu!
    Join Date
    Oct 2005
    Location
    California
    Posts
    55

    Default Spoofing??

    I just received two emails from spammers using one of my email addresses. (That is addressed both to and from me) Now, I think this is regarded as Spoofing, but not sure. Has never happened before. Can anyone tell me what I can or should do about it?

    Thanks in advance

  2. #2
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    Is your default address enabled?
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

  3. #3
    Websync is offline What's a Guru? I want to be a GlowRu!
    Join Date
    Oct 2005
    Location
    California
    Posts
    55

    Default

    Hey Matt,
    Thanks for the quick reply.

    Current Setting: :fail: No Such User Here

  4. #4
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    I am not really sure at this point, as your default address setting is the way I would recommend doing it. I've seen an increase in spam of the type you describe, I have a ticket in with cPanel now to see if they have any ideas or suggestions on how these are getting through.
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

  5. #5
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    Also do you have SPF records setup for your domain?

    I would try using this:

    Code:
    "v=spf1 a:server.hostname.com a mx -all"
    where "server.hostname.com" is your server's hostname.

    This in theory is supposed to reject anything (-all) sent to you using your domain if it does not match the A records of your domain, the MX records of your domain, or the A records of your server hostname. In the current cPanel setup the mailserver sends from the hostname, so the servers hostname should be in your SPF if your domain is on a dedicated IP. If you are on the main server IP you don't really need this section:

    a:server.hostname.com

    But it seems like it will not hurt and covers you in case you change your domain to use a dedicated IP address. There is some talk that cPanel will add functionality to send from the domain IP itself. if that day comes then the SPF would look like:


    Code:
    "v=spf1 a mx -all"
    The above can also be used for hosts that you know will always remain on a shared IP.
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

  6. #6
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    Oh and PS. Your WHM > Exim Configuration should have the following checked so that your rules are honored:

    Blacklist: SPF Checking [x]

    If you have a dedicated server you will have access to your Exim config editor. If you have a shared server, this setting is already enabled.
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

  7. #7
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    Additional information on SPF syntax can be found here.

    SPF: SPF Record Syntax

    Tip:
    If you want to ignore SPF checks you can see the "-all" flag to "+all"
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

  8. #8
    Websync is offline What's a Guru? I want to be a GlowRu!
    Join Date
    Oct 2005
    Location
    California
    Posts
    55

    Default

    Quote Originally Posted by Matt View Post
    I have a ticket in with cPanel now to see if they have any ideas or suggestions on how these are getting through.
    Let me know what you find out. This is a new one to me.

  9. #9
    Websync is offline What's a Guru? I want to be a GlowRu!
    Join Date
    Oct 2005
    Location
    California
    Posts
    55

    Default

    Thanks for all the info Matt. No, I don't have any SPF records set up for the domain. The domain is on Ginger. I didn't receive anymore spam mail today, which is nice. Will start a ticket on this if it continues to be a problem.

  10. #10
    Matt's Avatar
    Matt is offline GlowHost Administrator
    Join Date
    Jan 2005
    Location
    Behind your monitor
    Posts
    5,308

    Default

    Well, so long as you remain on the ginger server, then your SPF record would look like this:


    Code:
    "v=spf1 a:ginger.gendns10.com a mx -all"
    Send your friends and site visitors to GlowHost and get $125 plus bonus!
    GlowHost Affiliate Program | Read our Blog | GlowHost's Facebook | Follow us on Twitter | GlowHost on Google+

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14