[SC-Help] I am victim of Email SPOOFING...

Spambo spamcop-help@news.spamcop.net
Tue, 10 Dec 2002 23:03:16 -0600


lacou wrote:
> This posting made from the web-site.  Please reply via
> email in addition to the group.  Thanks.
> ------------------------------------------------------
> I was told to come here for help.  Apparently you can help me with my problem as I am the victim of Email Spoofing.  I receive about 1 mail/minute from Mail administrators telling me the address I want to reach is not reachable.  
> 
> The SPAM is about 'penis enlargement' and the address it sends to is the following. (Some mail administrators send me the message that could not be forwarded)
> 
> http://www.gametowncastle.com/enlargo
> 
> I would really appreciate some help on this.
> Thanks
> Frank
> lacou
> 


Spammers and/or their software often use names selected at random from
their list to use in the From: field, or spammers will just make up a
user name at a valid domain to make the return address look legitimate.
They don't want the bounces or angry complaints coming to them.

Sometimes spammers with a 'bone to pick' will wage an extended campaign,
but these are fairly rare since even spam-friendly ISPs and web hosts
will likely find such an attack unacceptable. Sending UCE is one thing,
using their network to intentionally abuse someone is something else.

Here are some suggestions on what you can do:

1. a. Contact your ISP or mail provider and make sure they understand
       you're not involved. Using forged/bogus email addresses in the
       From: field is common with spammers and your ISP/email admin
       *should* be able to tell whether or not you're involved but some
       places are more clueless than others.

    b. If you own the domain being forged you may want to consider
       putting a notice about the forgery on your main page (index.html,
       default.html, etc.) and include a link to a page with a more
       detailed description of what happened.

2. a. To report the spammer/forger you'll need to find a bounce that
       contains FULL headers and message text. Some bounces may contain
       no useful information, others will contain abbreviated headers,
       and others will contain the full bounced message. Determine the
       appropriate abuse department(s) responsible for the message
       source and any URLs or email addresses used as a contact point
       by the spammer.

    b. You can use SpamCop to determine the appropriate addresses but
       don't use it to send your complaint - you don't want to chance
       your report being ignored because it arrives with other SpamCop
       reports about the same incident. It could be counted as another
       'strike' against their customer but not read. SpamCop reports
       tend to be pretty much the same - most of the time.

3. a. Don't send 'spam' complaints -- send FORGERY complaints to the
       abuse addresses. Many abuse departments will consider forgery a
       more serious TOS violation than sending UCE.

    b. i. Use the email address that was forged in order to establish
          that you indeed have been forged.

      ii. If your forgery complaint involves a non-existent email
          address at a domain you own (and you get everything sent to
          the domain that isn't delivered to a legitimate addy) send the
          complaint using an email address of authority (postmaster@,
          support@, abuse@, etc.) or use an email address that's
          contained in the domain registration's contact information so
          your authority to complain about the incident can be easily
          verified.

4. a. Attempt to find any information of substance about a spamvertised
       URL, check the domain's registration for example. Although it's
       unlikely, you could find a site with sufficient assets to warrant
       legal action.

    b. IANAL
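
The bounce triage in step 2a, as an added example that is not part of the original post: it uses Python's standard `email` package to sort a bounce into full, headers-only or no returned message, and lists the Received chain and any URLs for the complaint. The function names, addresses and sample bounces are constructed for illustration.

```python
import email, re
from email import policy

def inspect_bounce(raw: bytes) -> dict:
    """Classify one bounce and pull out what a forgery complaint needs."""
    bounce = email.message_from_bytes(raw, policy=policy.default)
    out = {"kind": "none", "received": [], "urls": []}
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # original attached as a message
            orig = part.get_content()
            body = orig.get_body(preferencelist=("plain", "html"))
            text = body.get_content() if body is not None else ""
            out["kind"] = "full" if text.strip() else "headers"
            out["urls"] = re.findall(r"https?://[^\s\"'<>]+", text)
        elif ctype == "text/rfc822-headers":   # abbreviated bounce: headers only
            orig = email.message_from_string(part.get_content(), policy=policy.default)
            out["kind"] = "headers"
        else:
            continue
        # Each relay prepends its Received line, so the list is newest first.
        out["received"] = [" ".join(str(h).split()) for h in orig.get_all("Received", [])]
        break
    return out

# Constructed sample data: example.* names and 192.0.2.0/24 documentation addresses.
ORIGINAL = ("Received: from relay.example.com (unknown [192.0.2.55])\r\n"
            "\tby mx.example.net with SMTP; Tue, 10 Dec 2002 12:00:00 -0600\r\n"
            "From: frank@example.org\r\nTo: nobody@example.net\r\n"
            "Subject: constructed sample\r\n\r\n")

def sample_bounce(ctype: str = "", attachment: str = "") -> bytes:
    """Build a constructed multipart/report bounce with an optional returned part."""
    msg = ("From: MAILER-DAEMON@mx.example.net\r\nTo: frank@example.org\r\n"
           "Subject: Undelivered Mail Returned to Sender\r\nMIME-Version: 1.0\r\n"
           'Content-Type: multipart/report; report-type=delivery-status; boundary="B"\r\n\r\n'
           "--B\r\nContent-Type: text/plain\r\n\r\nUser unknown.\r\n"
           "--B\r\nContent-Type: message/delivery-status\r\n\r\n"
           "Reporting-MTA: dns; mx.example.net\r\n\r\n"
           "Final-Recipient: rfc822; nobody@example.net\r\nAction: failed\r\nStatus: 5.1.1\r\n")
    if ctype:
        msg += f"--B\r\nContent-Type: {ctype}\r\n\r\n{attachment}\r\n"
    return (msg + "--B--\r\n").encode()

if __name__ == "__main__":
    full = sample_bounce("message/rfc822", ORIGINAL + "Visit http://spamvertised.example/offer now\r\n")
    for raw in (full, sample_bounce("text/rfc822-headers", ORIGINAL), sample_bounce()):
        print(inspect_bounce(raw))
```

Received lines added before the message reached a server you trust can be forged, so read the chain from the top down.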