You may have had it happen before. Out of nowhere you suddenly get hundreds or thousands of 'Message Undeliverable' messages from 'Mailer Daemon' with whether your address on them or a non-existent address at your domain. This is ordinarily referred to as a 'Joe-Job'.
These messages are automatically generated by the mail server, so there's no use replying to them. Daemon (pronounced like Demon) isn't a funky way of spelling Damian ... It is a server process.
Daemon - Computer Science A agenda or process that sits idly in the background until it is invoked to accomplish its task.
Mailserver
This regularly means that a spammer has sent out a whole lot of messages with your domain as the from and/or reply address. They do this because they don't want to recognize their own real address and they no ifs ands or buts don't care if or where messages bounce. By putting your domain in the reply field it makes the email look more legitimate. You'll probably also receive a few angry 'go away spammer' messages from other population who received the spam message.
One way to reduce the incidence of 'joe jobs' is to use Spf. Spf or Sender policy Framework is a principles that was originally presented in a paper by Paul Vixie (the author of Bind which is the Dns server used on the majority of Unix servers) in 2002. What Spf does is define which servers are Allowed to send mail from your domain. This means that spam that has your domain in the reply address will be rejected Unless it came from your server. In most cases the spammer uses zombie servers to send emails, so the likelihood of the spam originating from your server is very low (unless you didn't set those strong Ftp passwords!).
Not every Isp and organisation enforces an Spf policy so this isn't going to alleviate this problem entirely, but it will no ifs ands or buts make a inequity as many of the larger providers do use Spf if your Dns is set up with a Spf record. For more data see OpenSpf.org.
Be faithful though. If you add an Spf record to your Dns, don't forget that you probably send emails from your own Pc that have an address on that domain. If that's a case, then you need to make sure that you add your Isps outgoing (Smtp) mail server to the Spf record.
No comments:
Post a Comment