We have our own domain name purchased from GoDaddy and as such, it has an
email associated with it. For now, we’re not using the email part of it, just
the URL for our website and have the email at our domainname.com forwarded to a
real email address. Recently, I’ve been getting returned emails stating “could
not send in “x” minutes, etc.” and even a few replies from real email addresses,
saying that our email to them has been marked as spam. So somehow, someone has
gotten a hold of our domain name and is using it to send spam like some
randomaddress@ourdoman.com for things like Viagra (oh joy). I’m afraid that
when we do go to use our email address, it will have been labeled by servers
everywhere as spam. What can we do?
In this excerpt from
Answercast #58, I look at how spammers use domain names to send out spam and
the impact that it may have on your email.
Become a Patron of Ask Leo! and go ad-free!
What can we do about spam?
Nothing! So here is the thing: nobody has actually taken your domain.
Someone has not gotten a hold of your domain.
The problem is that the from address on an email is incredibly easy to
spoof. I could send an email that looks like it came from just about any email
address on any email domain that I might want it to. I don’t need the domain; I
don’t need access to the domain; I don’t need anything related to the domain to
make this email look like it came from that domain. And that’s what spammers
do.
Why spammers use domains
They do that for a couple of different reasons:
-
One is to trick people into thinking that the email is from a legitimate
source and therefore, open it and act on it. -
And they do that to cover their tracks. Obviously, by sending a fake from
address, they’re hiding where the email actually originated.
Labeled as spam?
Now, how does this impact you down the line when you finally start using
your email addresses on your domain?
Well, the good news is since they’re not using your server at all (remember
they’re not using anything associated with your domain), they’re not using
your server so your server’s reputation (the server that you might
eventually use to send email) is not taking a hit for this.
The server is doing whatever your email server does. The spam is coming from
some completely unrelated server (or perhaps a botnet or who knows where else),
but it’s not coming from anything that would eventually be associated with
you.
Second, this type of from spoofing is so incredibly common that in reality,
it just doesn’t really count that much of a black mark for the email addresses
that might appear in the from address.
And finally, you know they’re making up the email addresses, right? They’re
using random characters at “yourdomain.com.” When you end up using your email
addresses on yourdomain.com, they’ll probably not be random characters. They
will probably be things like your names, your email names, your division names,
whatever you would normally use as an email address.
I might use “Leo” at the domainname.com and so forth. Those are definitely
not random. Those are things that were probably not used by the spammers to
create fake email from lines. And, like I said, even if they were, this is so
common that most spam authorities just know not to attribute too much either
positive or negative to the from address on spam.
What to do about it?
Ultimately, in your shoes… well, I am in your shoes all the time.
I own something like 70 or 80 domains and I’m sure that spam is being sent out
from those domains, even though that spam has nothing to do with my
servers.
I basically ignore it, and when I get around to using my domain for email,
as I do for some of them, it really hasn’t been an issue so I wouldn’t really
worry about it.
Next from Answercast 58 – How can someone create a fake account in my daughter’s name?
1. Why don’t my security system stop others form sending me e-mail using a name that I recognize?
2. Why does most of my e-mail go to the DELETED file rather than the INBOX?
Unfortunately, some of the major email companies don’t share your relaxed attitudes. Mail purportedly from one of my domains (which I’ve owned for about 20 years) has caused refusals for my legitimate mail as coming from a spammer by yahoo and bellsouth, to name a few. When that happens I must look them up and write several times to straighten them out.
It usually happens every few months
I have used firstname@lastname.com as my email address so that I would not have to change my email as I moved from aol to att to comcast. I use a domain company to forward my email. More than once some spammer used anything@lastname.com to send email and I would get all kinds of rejected email. A number of times my email forwarding would be blocked. I had to stop forwarding my email to my comcast email id because they said that the domain company had too much spam. They were blocking the email from that domain company and my email would be delayed from hours to days. I am currently forwarding my email to ATT because they seem to forward email more timely now. I am looking for a new domain company to be my email forwarder.