MailForgery

About Mail Forgery

It is possible that one day you will log in to check your email and find a slew of messages coming from postmaster@somedomain.com, Mailer-Daemon, and all of their friends. The dilemma is that you know for a fact you did not send out email to any of the addresses that are coming back to you in error. Has someone hacked into your mail account? Does someone have control over your computer without your knowledge? Just what is going on?!

The short answer is that you have been 'joe-jobbed'. This is defined by http://catb.org/~esr/jargon/html/J/joe-job.html as "A spam run forged to appear as though it came from an innocent party, who is then generally flooded by the bounces; or, the act of performing such a run."

Can't Darkscape do anything to prevent this?

Well yes, and no. Darkscape is an avid supporter of the SPF system which allows us, your web hosting provider, to publish which Internet Servers are allowed to send mail for your domain. So when a message from you@yourdomain.com goes to someone@theirdomain.com, it is hopeful that theirdomain.com actually checks WHO sent the message (mail.darkscape.net?) and if not, discard the message. Since SPF is still young and not widely adopted, the 'joe-jobbed' and undeliverable emails are bounced back to your valid address.

What you are able to do is disable your Catch All email address for your domain, and reject messages not sent to you directly. While this won't prevent someone using your domain in a spam run, you won't have to deal with the aftermath unless they do use your real address. While we don't like the bury-your-head-in-the-sand approach, there is little else we can do aside from coax the other mail service provider to adopt filtering based on SPF records.

For factual/textual contributions or clarification, please email info@darkscape.net. Thank you for your time, and we sympathize with you if you've been a joe-job victim!