Jump to content

Spammers Got Ahold Of My Domain Name For Spam


Recommended Posts



As long as they have not gained access to your site, there is nothing you can do to stop them. I can put anything I want in my return address and it will look like it comes from there. The headers give the real story though so as long as the headers do not match your site then you are safe even though it "looks" like it is coming from you.

Link to comment
Share on other sites

Hmmmm.... I don't know... Here is an example of a "returned" email....

Does the header tell the story in my favor?




Hi. This is the qmail-send program at sincity.telecable.es.

I'm afraid I wasn't able to deliver your message to the following addresses.

This is a permanent error; I've given up. Sorry it didn't work out.



Sorry, no mailbox here by that name. (#5.1.1)


--- Below this line is a copy of the message.


Return-Path: <llxxdo@gentlemenoffortune.com>

Received: (qmail 26855 invoked from network); 14 Oct 2006 04:57:21 -0000

Received: from unknown (HELO ujzsmm) ([])

(envelope-sender <llxxdo@gentlemenoffortune.com>)

by sincity.telecable.es (qmail-ldap-1.03) with SMTP

for <lsqka@igijon.com>; 14 Oct 2006 04:57:21 -0000

Received: from ([]) by ujzsmm with Microsoft SMTPSVC(6.0.3790.211); Wed, 27 Sep 2006 13:06:34 +0800

Message-ID: <451A0490.8070508@gentlemenoffortune.com>

Date: Wed, 27 Sep 2006 12:56:48 +0800

From: Rosaline Brandon <llxxdo@gentlemenoffortune.com>

User-Agent: Thunderbird (Windows/20060909)

MIME-Version: 1.0

To: lsqka@igijon.com

Subject: adjudicator lace

Content-Type: multipart/related;



This is a multi-part message in MIME format.


Content-Type: text/html; charset=ISO-8859-1

Content-Transfer-Encoding: 7bit


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">



<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">


<body bgcolor="#ffffff" text="#000000">

<img alt="" src="cid:part1.00040506.08010709@gentlemenoffortune.com"

height="441" width="523"><br>




Link to comment
Share on other sites

Look at the header part

Received: from ([]) by ujzsmm with Microsoft SMTPSVC(6.0.3790.211); Wed, 27 Sep 2006 13:06:34 +0800


the ip

resolves to

inetnum: -

netname: CHINANET-HB

descr: CHINANET Hubei province network

descr: China Telecom

descr: A12,Xin-Jie-Kou-Wai Street

descr: Beijing 100088

country: CN



You can use NIC.COM to look at a ip address

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...