Those who follow me on Twitter know that I’ve been having a bit of a problem with spam. Actually, it’s a pretty big problem.
Spammers are ingenious when it comes to keeping their identities secret. One of the ways they do that is by email address spoofing. As this article explains:
Have you ever gotten spam from yourself? I have, and I’ve been thinking hard about how to stop it! I didn’t send it. It came from a spammer. If we could stop spammers from forging mail, we could easily tell spam from ham and block the bad stuff.
So what’s so bad about email spoofing? Well, for one, it gets your domain marked as spam. And that marking results in the inability for you to send emails. In my case, the spammers got my domain so marked – and mail I send to certain addresses, including those at AOL, Netzero, Juno and others, simply bounces back.
The answer seems to be putting an SPF record in the DNS record of your domain. Is that enough acronyms for you? Don’t ask me to explain, because, despite reading everything I could on the subject, I still can’t. But I did find a couple of wizards online that will create the SPF record for you. And I’m hoping that the one I created and put into my DNS record is correct. I guess we’ll find out soon enough.
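One way to sanity-check a wizard-generated record before publishing it, as an added example that is not part of the original post: a small linter for a few rules from RFC 7208. The function name, host names and sample records are constructed for illustration.

```python
# Added example: lint a domain's TXT records for common SPF mistakes (RFC 7208).
# Terms that make the receiver issue a DNS query; RFC 7208 caps these at 10.
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists", "redirect")


def lint_spf(txt_records):
    """Return a list of problems in a domain's TXT records (empty list = none found)."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["more than one v=spf1 record: receivers return a permanent error"]

    problems, lookups, seen_all = [], 0, False
    terms = spf[0].split()[1:]
    for term in terms:
        qualifier = term[0] if term[0] in "+-~?" else "+"  # bare term means "+" (pass)
        name = term.lstrip("+-~?").lower().replace("=", ":").replace("/", ":").split(":")[0]
        if seen_all and name != "exp":  # exp= only supplies the rejection text
            problems.append(f"'{term}' follows 'all' and is never evaluated")
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "all":
            seen_all = True
            if qualifier == "+":
                problems.append("'+all' authorizes every host on the Internet")
            elif qualifier == "?":
                problems.append("'?all' is neutral, so forged mail is not rejected")
    if not seen_all and not any(t.lower().startswith("redirect=") for t in terms):
        problems.append("no 'all' or 'redirect=': unlisted senders get a neutral result")
    if lookups > 10:  # counts this record only; each include adds its own lookups
        problems.append(f"{lookups} DNS-querying terms, over the limit of 10")
    return problems


# Constructed sample records (documentation address and made-up host names).
GOOD = ["v=spf1 mx ip4:192.0.2.10 include:_spf.mailhost.example -all"]
BAD = ["v=spf1 mx +all ip4:192.0.2.10"]
DUPLICATE = ["v=spf1 mx -all", "v=spf1 a -all"]

if __name__ == "__main__":
    for label, records in (("good", GOOD), ("bad", BAD), ("duplicate", DUPLICATE)):
        print(label, lint_spf(records) or "no problems found")
```

The linter only reads the record text; it does not resolve the `include:` targets, so the real lookup count can be higher than the one it reports.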
In the meantime, I’ve been going to each of the ISPs and asking for them to unblock my domain. So far, I’ve been successful, with one exception: virginia.gov
Yep – the fine folks at the Virginia Information Technologies Agency, better known as the beleaguered VITA, have blocked my domain. Worse still is that nowhere on the website is any contact information for such things. I sent an email to the address shown on their contact page and it promptly bounced. Duh! Using another email address on a different domain, I sent the following email to them:
From: Vivian J. Paige
Sent: Tuesday, January 19, 2010 10:23 AM
To: VCCC (VITA)
Subject: Blocked domain (was: Delivery Failure)
It appears that my domain has been blocked by VITA. The domain in question is vivianpaige.com, not the one I am sending from now, as any attempts to send from that domain are rejected.
I have been having a heck of a time with spammers using my domain. My webhost is XXXX and I’ve requested that an SPF record be added to my DNS to help prevent this. In the meantime, I’m having to request on a case by case basis that my domain be unblocked.
What do I need to do in order to get this taken care of?
Thank you.
-----Original Message-----
From: System Administrator [mailto:System Administrator]
Sent: Tuesday, January 19, 2010 9:54 AM
To: XXX@vivianpaige.com
Subject: Delivery Failure
Could not deliver message to the following recipient(s):
Failed Recipient: XXX@governor.virginia.gov
Reason: Remote host said: 554 CMailA.vita.virginia.gov
I think I was pretty clear what the problem was. Further, I included the original bounced message so that they could see what the error message was. You’re not going to believe their response:
Thank you for contacting the Vita Customer Care Center. In order for you to contact the Virginia General Assembly you will need to go to the following website: http://legis.virginia.gov/ . This page also includes a contact us link at the bottom of the page that may answer all of your questions.
Thank you again for contacting the Vita Customer Care Center.
Um, WTH? Seriously – was that just a canned response? Or did the person reading my email have no idea what a domain is?
I called VITA as well. Unfortunately, I’m not sure that the person with whom I spoke knew anything more than the one responding to my email. But at least he wrote it down and gave me a case number.
I’m thinking two things here. First, I think email hosts should, by default, include an SPF record in the DNS. Just a basic one, and something that can be tweaked, but something to ward off the spammers.
Second – contracting out VITA was a really bad idea. Can they at least get a technical support link on the website?
And here I thought you were going to be knocking down the Volunteer Income Tax Assistance program :)
Well… except that’s not tech-related :)
MB: Having written a story today about the tax assistance program, I had the same thought as you.
Viv: If only your e-mail domain name was the only thing that other VITA had screwed up.
As a student of Woodrow Wilson Rehab Center in Fishersville (who’s had to put up with vita’s bullsh!t – excuse my French please, I’m that pissed off):
They’re so lazy that it takes an entire week for them to restore access to Student Email (which could’ve been done in 5 seconds by us IT students*)
* There’s about 9 of us students training for IT, and all of us could’ve easily fixed the email problem in five seconds: the server just needed to be rebooted to apply a Microsoft security patch. The problem is that Richmond is a bunch of control freaks
Welcome to your future, Michael.
Interesting experience, here. I run a number of my own domains (including my rather essential last name (well, essential to me)), and while I’ve suffered more than one slew of backscatter emails from domain hijacking, I’ve never (to my knowledge, anyway) had ISPs independently blacklist me. How did that happen, here? And how did you find out about it? From your own emails to that domain and the resulting bounces (like the email quoted above)?
~
Also, thanks for the SPF suggestion. I remember seeing that years and years ago, and it being rejected out of hand by all the big players (so I ignored it). I’d not revisited the matter until you mentioned it a couple of days ago. I’m in the process of trying to set it up for my domains. I hope it will avoid the practical DDOS attack I suffer every few months when my domain gets its turn in the spammer spoofing queue . . .
How did it happen? There are blocklists out there of server IPs that originate spam emails. If you get on the lists, as the various IPs update their blocklists, you end up getting blocked.
How did I find out? When the emails started bouncing. They give a reason (like the 554 above) and then I Google’d it to find out what it meant.
The SPF thing is not a panacea, but it helps. The more widespread the use, the better it will be. But you do have to be careful in setting it up.
I’ve got another domain that has never been blocked. (This, by the way, isn’t the first time I’ve been blocked, just the first time it has been so extensive.) That domain is hosted by a different web host. I’m beginning to wonder if my web host is the problem. (Of course, I’ve been meaning to change web hosts for well over a year now and have never found the time.)