Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
max_rip2012-10-01 21:27:09
gmail
max_rip, 2012-10-01 21:27:09

Spam from my domain?

There is a domain, let's say domen.com
In general, I started receiving letters from other mail servers, like this
Letter

Hei [email protected],<br><br>
Saat tämän viestin, koska haluamme ilmoittaa, että ryhmää (jokipojat), johon yritit ottaa yhteyttä, ei ehkä ole olemassa tai sinulla ei ole oikeutta lähettää viestejä kyseiseen ryhmään. Alla on muutamia muita mahdollisia syitä sille, että viestin lähettäminen ei onnistu:<br><br>
 * Saatoit kirjoittaa tai muotoilla ryhmän nimen väärin.<br>
 * Ryhmän omistaja on saattanut poistaa kyseisen ryhmän.<br>
 * Viestien lähettäminen ryhmään saattaa edellyttää ryhmään liittymistä.<br>
 * Kyseiseen ryhmään ei ehkä voi lähettää viestejä.<br><br>
Jos sinulla on kysymyksiä tästä ryhmästä tai muista Google-ryhmistä, käy ohjekeskuksessa osoitteessa http://groups.google.com/support/?hl=fi_FI.<br><br>
Kiitos<br><br>
Google Groups<br><br>
----- Original message -----<br><br>
Received: by 10.14.210.133 with SMTP id u5mr4393834eeo.2.1348256179672;<br>
        Fri, 21 Sep 2012 12:36:19 -0700 (PDT)<br>
Received: by 10.14.210.133 with SMTP id u5mr4393833eeo.2.1348256179663;<br>
        Fri, 21 Sep 2012 12:36:19 -0700 (PDT)<br>
Return-Path: <[email protected]><br>
Received: from  ([200.204.237.84])<br>
        by gmr-mx.google.com with ESMTP id d5si12333070eep.0.2012.09.21.12.36.17;<br>
        Fri, 21 Sep 2012 12:36:19 -0700 (PDT)<br>
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 200.204.237.84 as permitted sender) client-ip=200.204.237.84;<br>
Authentication-Results: gmr-mx.google.com; spf=softfail (google.com: domain of transitioning [email protected] does not designate 200.204.237.84 as permitted sender) [email protected]<br>
From: "ADP Benefit Services" <[email protected]><br>
Subject: ADP Urgent Notification - Your Transaction Report<br>
To: <[email protected]><br>
Content-Transfer-Encoding: 8bit<br>
Content-Type: text/html; chars="utf-8"<br>
Date: Fri, 21 Sep 2012 16:36:15 -0200<br>
List-Unsubscribe: <mailto:[email protected]><br>
Message-ID: <[email protected]><br><br>
----- End of message -----<br>

Since I am a domain administrator, I checked the box to receive all letters that did not reach the addressee, then I started receiving them. It turns out spam is sent from the left boxes of my domain.
I looked into the spam folder, and there is a whole hotbed of spam that is already being sent to me at addresses like [email protected] And every 1-2 minutes.
Domain SPF configured v=spf1 include:_spf.google.com ~all

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
S
smartlight, 2012-10-01
@smartlight

well so and what for to you mail of nonexistent boxes?

Report
O
Oleg Matrozov, 2012-10-01
@Mear

As an addition to SPF, I can advise you to add DKIM with mandatory ADSP, so that the receiving servers with spam can filter it more effectively and understand that the sender is not you. And yes, it is difficult to offer anything else in this situation.

Report
A
Andrey Burov, 2012-10-01
@BuriK666

SPF is not a requirement, but a recommendation.
Read how the SMTP protocol works and understand why such letters can go.
The From field doesn't really mean anything, it's the same as the Subject field.

Report
D
Dmitry T., 2012-10-02
@tyzhnenko

Anyone can send an email with any user to any domain in the MX for that domain. This is the SMTP protocol :(
Judging by the headers:

Received: from ([200.204.237.84])
by gmr-mx.google.com with ESMTP id d5si12333070eep.0.2012.09.21.12.36.17;
Fri, 21 Sep 2012 12:36:19 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 200.204.237.84 as permitted sender) client-ip=200.204.237.84 ;

You have received a letter, for "you" from "you". With IP - 200.204.237.84, because you are not prohibited from receiving mail from your domain from IPs other than those specified in the SPF.
To prevent receiving mail from your domain from other IPs, try putting -all instead of ~all in the SPF record.

Report
X
xsash, 2012-10-01
@xsash

The situation is one to one, even the approximate mask of "senders" is the same.
There is no way to fight, the "sender" field is fake.
It is possible to write abuses on domains/providers from which spam is sent, but IMHO there will be no special sense.

Report
D
Dmitry, 2012-10-24
@Tomasina

so spam out all the same is sent out?

Similar questions
A
Aristokrat- govno na rukave2018-03-29 18:00:15
Yandex emails not being forwarded? 2Reply
M
mamaanarhiya2018-04-02 12:33:19
How to correctly register gmail for making in-game purchases? 2Reply
V
Vladimir Chernyshev2012-08-27 22:56:13
Message rejected when sent by script via SMTP to Google Apps account. CHADNT? 2Reply
J
Joke2012-09-01 16:40:55
Can Gmail be someone else's IMAP mail client, or is there another solution? 2Reply
V
vitom2012-10-16 22:50:18
Does Gmail know the number of mailboxes of the same person? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question