For the past 14 hours some spammer has been sending emails spoofed from various non-existent addresses at jonathancoulton.com. I woke up this morning and my inbox had something like 3,000 emails, all auto replies: I’m out of the office, message undeliverable, we’ve received your support request, are you sure you want to join this Yahoo group?, etc. My spam filter appears to be doing a pretty good job – I usually like to check its work, but I’m afraid the volume is just too big for that now. So if you send an email and don’t get a response, that may be why. Hopefully this will end soon…
Brad Wray says
I sent you an email... don't throw it out. You seem to be one of the only people on earth doing the same thing that that I am doing.
The same thing happened with one of my subdomains a few months ago. It's still going. Fortunately, I have one of those statistical, trainable spam filters, so the volume that I actually see has dropped off (and "out of office" replies are practically spam anyway, IMHO).
I woke up this morning too! Woooohoooo!
But Misty, did you have a scone and a large house blend?
Luckily that hasn't happened to me yet. Of course my fame is largely imagined, so that certainly helps.
And, yes: Hooray for waking up!
This is one of the nastiest techniques we've been seeing with spam lately. Outgoing spams get signed with "firstname.lastname@example.org". You get all the bounce messages because you've got wildcarding set up on your domain - * @jonathancoulton.com goes to whatever email address you're reading all this from.
Turn off domain wildcarding. It's the only thing I could figure out how to do after three or four of these attacks. Accept email at jonathan and email@example.com (as well as root, admin, etc.), and send the rest into the aether.
See you in Montague on Saturday... looking forward to the gig.
Alex Holden says
It's called a Joe-job, and it's been happening to me regularly for a few years. I had to turn off my catch-all and only accept mail for a limited set of usernames.
If the govenrment were to form a death squad that went around torturing and killing spamemrs, would anyone really object?
As for the scone, that's a big no, I'm a celiac. And I find feasting on the blood of the non-believers more refreshing than coffee and it leaves me less gassy.
Did those Internet Scallywags just provide inspiration for another song?
I hope so... this is a bountiful topic.
Chris Radcliff says
I agree with Alex: you might try turning off the catch-all forwarder thingy. That would at least filter out spam sent to firstname.lastname@example.org, email@example.com, firstname.lastname@example.org...
Hmm. Could this become one of those litany songs where you sing a line or two for each fake name? 88 Lines For 44 Spammers?
Well, the catchall is turned off, but now I'm not sure I'm receiving anything. Stay tuned...
Eric Ginsberg says
A) How to spammers do that? and B) How can you stop them? I mean, I'd imagine that the bigger worry is that someone is out there trashing your good name by using it for the purpose of evil. And, really, is there any greater evil on this earth than spam? I mean, at least with telemarketers, you can screw with them back.
A) Magic. Dark, dark magic. and B) You can't. They're evil. Hence the dark, dark magic.
With telemarketers I like to keep them on the phone for as long as I can. They're typically so desperite for sales that they don't realize you're screwing with them. It's actually a better way to get off their lists than telling them to take your name off. When they realize you're just going to keep them from potential sales, they stop calling.
I also like messing with telemarketers. i briefly had a job as one and the best thing that anyone ever did to me was thus:
They said "Can you hold on a minute?", I said "Sure." They put the phone down by their radio and walked away, never to return. I thought that was so brilliant I do it to telemarketers now. I don't get calls anymore.
Andrew Jones says
On the telemarketing fun scale of 1-10, this ranks a 15. Synopsis - take a voice modem, set it to play back a sequence of sound clips triggered by a silence, and record the entire conversation for fun.
Hmm, sounds like the makings for a new song...
Ask whomever does your email host to set up an SPF (Sender Policy Framework) record for jonathancoulton.com
SPF (for email servers that support it) basically is a way for an email server to check to see if email from @jonathancoulton.com is coming from the right email server.
Lots of people's email servers check SPF records - but not all. It may help cut back on the spamming tho.
Well, that sucks... That happened to me a couple of months ago. I'm still fending off the evils of the spam... May you get these bastards!
SPF did wonders for my backsplatter problem. With zillions of domains without SPF records to choose from, the spammers probably avoid forging domains that have SPF records. After all, they want their message to go through. If you forge mail from bob(at)illudium.com, it's just going straight into the hopper.