Jump to content

Help With Spam - "rumplestilskin?"

Recommended Posts

Spam assassin is working great, and is filtering out a lot of junk. Unfortunately, I am starting to get more and more spam sent to bogus addresses at my domain, i.e. moytet@mydomain, gagne@mydomain, etc. (50 to 100 per day!). I saw another post that called this technique "Rumplestilskin".


I would like to set my default to fail everything, except the specific addresses I pick. However, I have had my domain for several years, and have used different email addresses for different purposes, some of which I can't remember... I don't want to risk bouncing legit people.


Is there a way to set the fail command (or a similar command) to bounce back email, but include a message "This email address is invalid or no longer in use. Please use our website contact form or call us to get our current email address."


Thanks in advance.

Link to comment
Share on other sites

When you use :fail:


the senders e-mail server will return a bounce message

not your server.


I am in the same boat, about to use :fail: myself

and have used so many alias addys, but I need to do it to stop the new spam and virus e-mail.

Link to comment
Share on other sites

In your cpanel, please do this:


1) Click on "Default Address" in the email section.


2) Scroll down to "Set default adress" and click it.


3) Enter :fail: in the empty text box after your domain. Note the 2 colons, they are important.


4) Click change.

Link to comment
Share on other sites

I think several people are in the same boat as me, having used various email addresses (now forgotten) over the years and not wanting to now block them...


I would lke to make sure that email addresses I specify get through, i.e. legit@mydomail, legit2@mydomain, etc.


I'm not sure whether to then :fail: everything else, or subject everything else to a very aggressive SpamAssassin number (i.e. 2).


Anyway, Jim wrote a good post on preventing spam that explained the :fail: command for the default address. He said you could still have your "reserve" address get through, and forward other legit addresses to it.


"2. Have a reserved email address you never use to sign up for things or give to websites. I may have Jim@MyTCHDomain.com".


I hope this isn't a dumb question, but HOW do I set up a "reserve" email address? Do I set up an account for it? And do I then have to check it separately with Outlook / POP3 ?


I take it if I only have my default address and set that to :fail:and don't set up a reserve or forwards, I won't get anything.


I don't want to forward to a different domain, I just want legit@mydomain to go through as usual.


I am thinking I need to set up an email account in cPanel, but would appreciate a clarification if my question above makes sense!


Thanks in advance.

Link to comment
Share on other sites

A "reserve" email address is just like any other address and an account must be created for it to collect mail.


Yes, you will have to check the account.


Then create a forward for you legit@ to go to this account you create. The forward address does not need to be set up as an account and shouldn't.

Link to comment
Share on other sites

Thanks for the advice so far. I had never set up any email accts, just used the default one since everything gets through... Never really thought about it.


Anyway, I have set up a "reserve" address and am in the process of setting up forwards to it for all my legitimate addresses... if I can remember them. I will copy Don and go through old emails, though many have been discarded.


Is there a way to have spam assassin scan only the unforwarded emails (not my reserve address and the forwards, and then set it VERY aggressive?


I haven't decided whether to try the above with spam assassin, or simply :fail: all the other emails.


My fear is that I have forgotten a special email address I set up, or someone misspells my email address (i.e. rob@ instead of bob@ and then it fails, but I guess it would bounce back and they would double check the email address and realize their mistake...?).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...