soleros

Thanks for the replies, Mike. So...my impression of SPF configuration is that it happens at the DNS level, where the legitimate mail servers allowed to send mail from a domain are defined in a TXT record. That's what I've done. From what you said it sounds like there may be some reason why that is not sufficient. (?) Other question I forgot: So if you're a reseller and somebody you're hosting starts sending spam, what gets suspended? *their* domain, or the reseller domain? Since it happens quickly it would be good to know in advance at what level the suspension occurs: The guilty domain, or everything hosted by that reseller account. (?) Thanks again for the in-depth responses. Thumbs Up

This is an old thread but it brings up some questions: 1. If I were having this problem on a TCH-hosted domain (being hijacked and thus, me getting bounces to made-up emailaddresses@**** used by spammers) -- it isn't clear if this is enough to get an account suspended. It shouldn't be, since the TCH-hosted domain is a victim, not a perp. 2. Does TCH expect us to report abuse to dozens or hundreds of different emails, ip addresses, compromised mail relays, in order to keep from being suspended? This would be unfair to those who are hijacked like this. 3. What is TCH's level of awaress of sender-authentication schemes such as SDF? (sdf.pobox.com). My domains have implemented their DNS TXT records, which ought to indicate a serious attempt on my part to reduce the risk of my domain being framed as a spammer's domain. The point is, to what extent must the victim go out of their way and spend time responding to this sort of thing to please TCH? Or put another way, at what point does TCH agree that the victim IS a victim (and has no virii) and consider the account in good standing and keep it active? Also, what exactly is the mechanism by which suspension occurs? Some automated process, or is a human involved? In other words, how much opportunity does a TCH-hosted domain account holder have to alert TCH before TCH takes any adverse action on the account? Some of this may be in the TOS or AUP but a reiteration in plain English here would be helpful. If any of it is in plain English in those two documents just let me know -- I don't have time to read them at the moment but have recently been a victim of this same problem and want to know the full scoop on response requirements, etc.

Oh believe me I've seen THAT happen -- like on a domain that I have never used email (or anything else) on, but for some reason had a catchall address for. As it happens, though, the domain that was hijacked has existed since 1996. So....that's not what happened in this case. Frankly, as careful as I am, I am amazed I avoided this sort of thing on that domain for 8 years.

I got one of my domains swiped last week for this use as well, so I've been getting about 50 "bounce" messages a day with random email addresses (because I use a catchall address, a practice which may have to end on that domain). Before this I almost never got spam because of the compartmentalization of how I use addresses (facilitated by the catchall address). I won't go into that, but I am a little curious why the first spams I got were at an address I only gave to TCH last year and never to anyone else. Anyway, it hardly matters now. They've decided they like my domain. I'm sure that there are 100x as many spam email "from" me getting through to unsuspecting victims. In terms of doing something about it, all is not lost, however. There are several movements afoot to assist with authenticating authorized senders. A good start is to check out this site: Sender Policy Framework I do not know whether or not TCH's in-house DNS allows the addition of TXT records, but if so (I host my DNS separately), it's worth using the wizard here to create a pertinent record for any domain you own, because more providers are adopting this or similar standards and it's already helping cut down spam and successful forgery. I added one yesterday for the hijacked domain, but I have no idea if it will do any good. It can't hurt.

Well guys, not too thrilled, I'm getting spammed at an email address only assigned to TCH for its correspondence with me. Might want to double-check your security of customer lists. I know it wasn't anyone else; I assign every business I do business with on the 'net an email address that is for its exclusive use. That's why I get about 3 spam messages a week. Works great...and tells me who needs to button things up a little tighter. - ? And no it's not because of some virus I got that passed on that address to a spammer. I don't get virii or worms or any of that other malware. I'm on a Mac running OS 9, and I don't play fast and loose with email addresses. So...please have a look at your end. Thanks. k.