Spam from a ‘For Sale’ Domain? How is that possible?

HEY,STOP SENDING ME YOUR SPAM!

Mad Girl

Occasionally TheNameStore.com gets a cranky complaint from someone claiming that they have received spam from one of our domains names. 

Let’s be very clear up front: We do not send any email from any of our domains listed for sale, ever.  In fact, we take 2 steps to make it more difficult to use our domains in their spam.

  1.  All MX records are removed.  (MX records are instructions for the internet’s mail routing system). This effectively disables the ability to receive email on that domain.
  2. All of our domains have null pointer SPF records.  This disables the ability to send email which appears to be from that domain, but only from email servers that support the SPF initiatives to stop spam. 

So how is it that you could still get spam with one of our domains in the ’from’ field?

Unscrupulous spammers often randomly pick a return address domain name that sounds authentic and informative, so you’ll open their email.  If they use an email server that doesn’t bother to check the SPF records, the email will appear to be from us, when it isn’t.

Another reason spammers use a return address domain name is that they’re probably sending to millions of email addresses, and many of them will be invalid causing the email to bounce back. Why should the spammer have to deal with thousands of bounced emails (and angry complaints) when he can have them sent to an innocent victim?

If you’ve got the time and the will, you can look at the SMTP headers to see the IP where the email came from.  There will usually be a string of IP numbers showing the route the email took as it moved across the internet.  Only the first one is important — that will be the originating mail server.  Copy the IP number, and go to DnsStuff.com for an ‘IP WHOIS’ check.

Unfortunately, most often you’ll find that the email originated from a server that was hijacked for the purpose of sending spam — and the owner of that computer will likely be wondering why his internet connection seems so slow and his server seems so busy.