Web Hosting Chat - The Number 1 in Web Hosting discussion Forums

WHC

Professional webhosting guide


Go Back   Web Hosting Chat - The Number 1 in Web Hosting discussion Forums > Technical Discussions Forums > Technical & Security Discussions

Email spoofing Email spoofing

Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Rate Thread
Old 11-16-2005, 09:52 AM   #1 (permalink)
dnsking
Guest
 
Posts: n/a
Email spoofing
hello,

we have got complaint from our client that, emails are sent using their email address, I have setup the SPF record, but still going through it. any help?
  Reply With Quote
Old 11-17-2005, 03:08 PM   #2 (permalink)
WHC Guru
 
Join Date: Jan 2004
Posts: 3,363
does it orrigionate from the IP of your server?
__________________
Seeksadmin - For all your administration and security needs.

Hostaga - A true hosting leader
Tris is offline   Reply With Quote
Old 11-24-2005, 04:57 AM   #3 (permalink)
ninjatune
Guest
 
Posts: n/a
there is a chance a perl/cgi/php script on your server is causing the problem.
  Reply With Quote
Old 12-02-2005, 08:57 AM   #4 (permalink)
ManXP
Guest
 
Posts: n/a
Probably it's just a virus using faked email address.

Are you sure virus was sent from YOUR server?
  Reply With Quote
Old 12-08-2005, 10:31 AM   #5 (permalink)
WHC Moderator
 
Join Date: Nov 2003
Location: Castle Rock, CO
Posts: 233
Clients contact me about this all the time. They are more than likely not sent from your mail server but just have a return / send email address of that particular domain. One of my sites that has been up since about 1996 is abused like this a lot - I get returned emails messages to something like LucienRhoadescontradistinction@example.com (just got this one now).

One way to help is to get rid of the catchall. I love my catchall but I am thinking of doing something with it. Having the SPF record will help as well since a lot of servers are checking that these days
Corey Bryant is offline   Reply With Quote
Old 06-03-2006, 09:36 PM   #6 (permalink)
Simon S
Guest
 
Posts: n/a
Hello,

Eventhough, Sender Policy Framework (SPF) is an emerging standard by which the owners of domains identify their outgoing mail servers in DNS, and then SMTP servers can check the addresses in the mail headers against that information to determine whether a message contains a spoofed address.

SPF does NOT limit in ANY WAY spoofed e-mails.

This is due to the fact, that the SPF standard does not protect the "From" address, which is seen in the e-mail client, but the so-called envelope sender address, visible only, when the message source is opened (in the Return-Path header).


Users need to implement Simple Authentication and Security Layer (SASL) SMTP for sending mail. Once this is accomplished, administrators can set their domains so that unauthenticated mail sent from them will fail, and the domain’s name can’t be forged.

Other technological solutions, such as digitally signed e-mail, with either desktop or gateway verification, have been proposed by such bodies as the Anti-Phishing Working Group

Thanks,

Simon S
Technical Support Executive,
Accuwebhosting
  Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -4. The time now is 10:55 PM.

Contact Us - Web Hosting Chat - The Number 1 in Web Hosting discussion - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0