spammers using my e-mail address

[blu at vl.com (Tom Metro)]

Stephen Adler wrote:
> It looks like some spammers have decided to put my address in the 
> reply-to field in the spam they are sending out across the Internet.

As another reply pointed out, this is exceedingly common. Google the 
term "joe job."

(Though using the Reply-to field would be a bit unusual, if you 
literally meant that. Typically the forged address is used on the From 
header, and in the SMTP envelope. The consequence of the latter is that 
you receive the bounces when/if the message fails to be delivered.)


> Is there a way of finding out who is doing them...

As another reply pointed out, the trail will most likely just lead to a 
zombie machine in the hands of an innocent (if careless) third party.

It may be possible to figure out the true source if you really want to 
dedicate a lot of time to tracking them down and correlating information 
among many different emails. You might want to take a look at the Usenet 
group news.admin.net-abuse.email[1] and see if others have reported 
sightings of similar emails.


> ...and getting them to stop?

You can't stop it, but you can reduce the impact by publishing SPF[2] 
records for your domain. This will permit sites receiving such forged 
messages to more easily detect them as forgeries, and reject the message 
at an earlier stage to avoid generating a bounce.

1. http://groups.google.com/group/news.admin.net-abuse.email/topics
2. http://www.openspf.org/

  -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.