Spam sent in our name

Discussion forum for Enterprise Edition.
Post Reply
bellaonline
Posts: 107
Joined: Tue Feb 28, 2006 7:15 am

Spam sent in our name

Post by bellaonline »

I realize this may be a question that cannot be fixed on my end. I'm just making sure I'm not missing something I can do.

BellaOnline.com has been around for twenty years and has gotten quite a lot of traffic in the past. We get hundreds of thousands of incoming spam messages which we deal with. However, because of our long history, we have another problem, too. We have a lot of spam sent out claiming to be us.

Here's a bounceback I just received, claiming to come from BellaOnline. The email address use doesn't exist and isn't defined, so the bounceback ended up in my system spam folder.

Received: from mail.bellaonline.com ([122.118.30.32]) by bellaonline.com with
MailEnable ESMTPA; Sat, 6 Feb 2021 15:10:49 -0500
From: NICHOLE BLAIR <chrisandnicoleblair@bellaonline.com>
To: laura <laura@dundeefc.co.uk>
Reply-To: NICHOLE BLAIR <chrisandnicoleblairm@bellaonline.com>
Subject: FW laura!
Date: Sat, 6 Feb 2021 23:10:16 +0300
Message-Id: <434029731vk0$kdu1gyd6$dbsx1yye$@bellaonline.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0037_WGRUYZBZ.2XU3UP33"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: d2ZAZTV4QDhta3EpayMjZ3YjcV4oIw==
Content-Language: en-us
X-Envelope-Sender: chrisandnicoleblair@bellaonline.com
X-ME-Bayesian: 0.088600


...

This sort of steady stream of mail is getting us blocked from various mail systems. It's not coming from our system - that IP address is somewhere in China, so I can't stop it from going out. Is there anything at all I can do or do I just have to keep writing Hotmail etc. and pointing out that we are not sending these email messages?

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: Spam sent in our name

Post by MailEnable-Ian »

Hi,

Sounds like backscatter. Please see: https://www.mailenable.com/kb/content/article.asp?ID=ME020492
Regards,

Ian Margarone
MailEnable Support

bellaonline
Posts: 107
Joined: Tue Feb 28, 2006 7:15 am

Re: Spam sent in our name

Post by bellaonline »

Thank you for your help. That article says to set:

"Authenticated senders must use valid sender address".

My screen says:

"Authenticated senders must use address from their postoffice"

Is that the one?

I have now made the other two changes.

Am I right in determining that there's no way for me to actually stop this Chinese company from naming their mail server mail.bellaonline.com? Is it the responsibility of Hotmail and other recipients to verify the IP address of the sending server and to see that it doesn't match my IP address on file? It seems unless Hotmail and so on do that, users will be deluged with hundreds of spam messages "from me" every single day and I can't do much about that ... it feels fairly disheartening. It means our newsletters we send out are now routinely rejected as spam.

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: Spam sent in our name

Post by MailEnable-Ian »

Hi,

"Authenticated senders must use address from their postoffice", yes that is the option. If the receiving server is not performing SPF checks on the inbound message then there is not much you can do really. Make sure you you have a valid SPF record for your domain. You may also need to implement DKIM signing on your outbound messages to further help Hotmail not blacklisting you.
Regards,

Ian Margarone
MailEnable Support

bellaonline
Posts: 107
Joined: Tue Feb 28, 2006 7:15 am

Re: Spam sent in our name

Post by bellaonline »

OK thank you so much. I am being blocked by several fairly large mail systems like Hotmail so I will do my best writing each one to try to figure this out. I suppose it's a new world we live in, where Chinese (and I suppose other) companies can simply hijack one's mail server name and misuse it.

Post Reply