Yesterday I noticed that some spammers had stolen my email address
(info(at)aguntherphotography(dot)com) and used as a return address for
spam emails. Now i got all these people upset at me.
What can I do? How can i prevent this from ever happen again?
The SPAM point to these two addresses:
http://psnfjtrsk3e.urchoise.com/
http://zndtelbywo.urchoise.com/
urchoise.com is registerd to a guy in rotterdam.
I hope they rott in hell for soiling my reputation.


--
----------------------------------
http://www.aguntherphotography.com

On Sun, 19 Jun 2005 20:02:18 GMT, andre wrote:
You stop spam emails by deleting the email account. email_usage_search_tag

1. Don't use it in web pages or a junk contact email address.

2. Munge it on Usenet where it shows up in the header of your post.

3. Tell everyone you give it to, to not store it in their address book
where viruses/malware can steal it.

4. Tell them to never send you a card/joke/info from a web site.
Just cut/paste and email it or just send the url to you.

5. Tell them not to give the email address to anyone and if anyone
wants it, to send their address to you and you will send them the
address with the usage rules.

6. Use different browser for surfing and verify your email address
is not in the browser config settings.

7. Use a search engine to verify something like andri_gunthr@ is not
already used by someone at anytime when picking an email name.

8. Get throwaway email addresses for any online ebusiness

9. Use different semi-permanent email addy for each bank you do business with.

10. Different addy for friends and family. That way you a chance to
figure out who let the address out.

11. I got rid of the Microsoft OS so half of the problem of leaks goes
away and I will not catch malware to compromise someone elses address.

12. Check if your ISP account/profile to see if there is a check box
about sharing your info amoung their business partners.

13. Use a seperate email application where you can turn off java and
javascript and email client does not call other apps based on what
might be in an html email.

andre wrote:

It's a troll. If it knows how to crosspost and to munge, then the
question is bullshit.

--
Jack.

Jack wrote:
dissapointed that my ISP and webhosting provider (both yahoo) doesn't
care. They don't seem to be interested. I deleted the email account
immidiately, but I am afraid the damage to my reputation has been done
already. It is very frustrating. I had my contacts page blocked from
search engines and somehow I was not counting on people being such
A**H**ES. Its just frustrating.

Andre

--
----------------------------------
http://www.aguntherphotography.com

In <42B64B11.5010006@sbcglobal.net> andre <andre.gunther@sbcglobal.net> writes:

Unfortunately there's not a thing the ISPs can do. It's just as easy for
someone to forge a return address on e-mail (in this case, yours...) as it
is to scribble your ex-girfriend's name on an envelope you drop in a
mailbox.

In other words, the fake mail doesn't come from their servers. The most
they can do for you is, if anyone complains, is send back a note saying
that you're not guilty of spamming and that some [expletive deleted] typed
in your username/domain.

Even though (in many of these cases) forging a return address or faking
the identity is a crime, none of the law enforcement types will usually
care about backtracking.

Rest assured that almost, almost, everyone out there understands about
this faked return-address issue, so while you may see some atutomated
bounceback, no one's going to attack you in return.

(well, there's probably some idiot or another somewhere).
--
__________________________________________________ ___
Knowledge may be power, but communications is the key
dannyb@panix.com
[to foil spammers, my address has been double rot-13 encoded]

andre <andre.gunther@sbcglobal.net> writes:

It happens to everyone. The problem is that one of the people you have sent
email to allowed themselves to hacked. Many viruses send out emails by
randomly selecting two email addresses from the addressbook of the hacked
machines-- using one as the To: and teh other as the From:

Get better friends/aquaintances who do not allow themselves to be hacked:-)


Don't worry, most people know about From: address spoofing. ie, they do not
believe the From address on spams. Some have not heard about it yet. Tell
them what happened.

[proper followup set]

In alt.spam - article <ebkte.993$Bx6.810@newssvr13.news.prodigy.com>,
on Sun, 19 Jun 2005 20:02:18 GMT, andre says...
The first step towards reducing domain forging is to establish an SPF
record in DNS for your domain.

http://spf.pobox.com

It's extremely simple and is only a single TXT line in DNS.

Any email admin accepting email with a "From:" domain that has a
restrictive SPF record is contributory in the amount of spam they
receive, their servers should reject it if it doesn't come from the
specified IPs.

When I say restrictive, I mean one ending with "-all". You'll
understand after reading "Mechanism Syntax" at
http://spf.pobox.com/mechanisms.html

Yahoo may give you a hard time, they're promoting a different, more
complicated mechanism. SPF is the way to go, if Yahoo won't do it,
move.

With a restrictive SPF record, you wouldn't get angry responses from
AOL users.
http://postmaster.aol.com/spf/

--
Listed by SPEWS, the answer is quite simple, read :
http://spews.org/bounce.html, follow the link to :
http://spews.org then follow the link to :
http://spews.org/faq.html then contact your provider.

On 20 Jun 2005 06:19:44 GMT, Unruh <unruh-spam@physics.ubc.ca> wrote:

Somebody could have gotten his email address from almost anywhere -
usenet,

Somebody could have gotten his email address from anywhere, ie usenet,
web page, a business card or where ever.

Telling someone that "one of the people you have sent email to allowed
themselves to be hacked" is nonsense.

While it *is* possible, it's decidedly more unlikely then finding the
email address on the op's website.

<cough> Crap </cough>

Agreed.

Dazz

On Mon, 20 Jun 2005 17:58:17 +1000, Dazz <cashdj@hotmail.com> wrote:

<snipped>

There's nothing quite like writing *almost* the same thing twice. :-(

Dazz

On Sun, 19 Jun 2005 20:02:18 +0000, andre wrote:

First, put a statement on your home page explaining what has been done to
you. Tell your visitors that someone is forging the return address with
your email address. You may also want to set up an autoresponder to do
the same. It would also be a good idea for you to inform your ISP or
upstream provider about what is happening.

I also recommend visiting http://www.plaza1.net/SpammerSlapper and telling
people you know to do the same. The certificate presenteed is just to
give the applet the ability to visit websites advertised in spam. Just
set your browser to not accept cookies and then minimize the window.
Let the spammers catch hell for a change.

local wrote:
SpammerSlapper appears to be a DoS tool, and using it may violate both
your ISP agreement and local laws. It is also a kind of tool that many
regulars in this newsgroup object to, on the grounds that it is
hypocritical (and arguably unhelpful) to fight abuse with more abuse.

--
Jack.

Jack wrote:
refers to alt.spam.

--
Jack.

"Jack" <jack@nospam.jackpot.uk.net> wrote in message
news:d9egji$hk3$1$8302bc10@news.demon.co.uk...
The ends justify the means.