Domain hijacking

[manyagem]

A domain name which I use as alias to my main e-shop has been hijacked as a dustbin for returned spam mail of the kind ghxysp@domainname.co.uk. It's like someone coming down your street with junk mail and anything that can't be delivered through the lettebox gets dumped in the last house. I wouldn't mind so much but now I'm finding lots of recipients are blacklisting my URL - through no fault of mine! Is there anything that can be done to put things right so the scumbags don't win?

John Kerr
www.biohealthy.co.uk (the one getting victimised)  :angry:

[WHSP-Mark M]

Hi John,

I apologize for the lateness in my reply. It certainly sounds like you are having a rough go with the spam messages, it is certainly a global problem.

Before I replied to this, I did do a quick check through of your account to see what options are available to you. The first thing that stuck out like a sore thumb for me was the fact that you currently have your catch all address's enabled. The description for this is exactly what you said with regards to the junkmail getting dumped on the one house. With the catch all address enabled, it means that anybody can send email to any email address at all as long as they have @bio-health.co.uk or one of the parked domain address's it will be recieved at this account. This is the equivalent to a golden goose for spammers as they can send to any random name and as long as they include your domain name, the message will be recieved by a mailbox, which helps there rating in the spam world.

I also reviewed your mail accounts and it looks like you only have two email address's and two fowarders created. Do you happen to use any email address's for your domains that are not setup currently in the fowarders or add/remove accounts section of our control panel?. If you do not then you can easily disable the catch all address for your domains so only emails sent to these 4 address's will be recieved and everything else will be flat out rejected by the server before it ever reaches your eyes. If you do recieve emails to other address's you  may wish to set them up in the  'Fowarders' or the 'Manage/Add/Remove Accounts' section of the control pannel, so that when disabling the catch all, you do not take out legitimate email.

All this talk of disabling it and you are wondering when I am actually going to tell you how to disable it?. Well thats the easy part; simply log into the control pannel and select Mail > Default Address > Set Default Address. Then you simply copy and paste the :fail: no such address bit into the box and hit save; and you contine to do this for each domain until all show this. This alone should cut down on the amount of spam and 'Mailer Daemon' messages you would recieve in the round of a day.

If you find that you are still getting a lot of junk mail coming through, then you can select the 'Spam Assassin' icon within the mail section of the control panel and enable the spam protection on your accounts. By default with this enabled, it will tag any message it thinks is spam with ***SPAM*** in the subject line. If you are confident that you think it is catching all the spam correctly and no longer wish to recieve **SPAM** messages, you can let us know and we will be happy to enable a filter which will take out all these messages before they reach your inbox.

If anything is unclear in the above blurb, then by all means please let us know.

Thanks!
Mark

[manyagem]

Mark

Don't know about the lateness of your reply, it's the lateness of my reading it that's the real problem! Like a lot of hosting users, I guess, the pressures of actually running a website tend to overtake housekeeping matters. It's a tribute to you guys that problems are few and far between and mostly of our own making. Anyway, many thanks for the advice. Catch-all seemed like a good idea when I started out 7-8 years ago, to handle misspeltname@mydomain etc, but now it just seems to make spamming a lot worse. I'll do as you suggest.

John K

[WHSP-Mark M]

Hi Again John,

Thanks for your very nice comments. I used to be in the same boat, so I switched to the dry dock and now I just repair the boats instead of trying to steer them through the choppy sea's that is the internet.

You are also correct that the catch all idea was a great idea, but much like all good idea's it only takes the select few to come along to ruin it, in this case it appears to be the spammers.

If you should need anything else at all, please do let us know.

All the best.
Mark
WebHSP Support