Re: Bounced messages for email from forged email addresses for a hosted domain - need opinions

[Gino Cerullo]

On 25-Jun-06, at 12:58 PM, "Jim Hermann - UUN Hostmaster" <[EMAIL PROTECTED]> wrote: Does it do any good to complain to the ISP that accepted the original email with a forged email address that uses a domain name that I administer? I administer a number of domain names that are being used in the forged email addresses for spam that is sent to recipients on other servers.  Some people call this a JoeJob.  Obviously, I can't prevent this, although I can use SPF with HARDFAIL to help the recipient server identify that the email address has been forged. The problem is that my server receives numerous bounced messages from the recipient servers because the recipients do not exist or do not accept the spam.  Of course, I can reject or delete the bounced messages if the forged email address does not exist. However, I would like to be more proactive and complain to the ISP that accepted the original email.  The bounced message often includes the Full Headers for the original email message.  Most of these emails originate on many different IP Addresses.  I assume that these machines are zombies or part of a network of machines that spammers control.  Will the ISP take action if they receive a complaint?  The ISPs are all of the world, not concentrated in one region or country. Jim ----- Jim Hermann <[EMAIL PROTECTED]> UUism Networks <http://www.UUism.net> Ministering to the Needs of Online UUs Web Hosting, Email Services, Mailing Lists Personally, nowadays I believe bouncing messages back to the alleged sender is a waste of resources and bandwidth with the amount of forgery going on. I wish that admins would configure their servers to stop that practice. Complaining to those admins I'm afraid will be an exercise in futility as trying to reach the right person will be nearly impossible and risks becoming a full time job in itself.  My vote would be for setting SPF for HARDFAIL as soon as is feasible, after all dealing with forgery is what SPF was designed for. Sure, unless those ISPs are checking against SPF it may not help but that situation is getting better all the time as more and more SPF is being deployed.  -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON  M3M 1W6 T: 416-247-7740 F: 416-247-7503