Am I Spamming You?

July 7th, 2010

I’ve been having major spam issues with my Google Mail accounts over the last couple of months. It started in May, when my inbox received a barrage of failed delivery emails.

Each one seemingly sent from [random_string]@icedcoffee.ie. The automatic return emails are from ‘Postmaster’, ‘Mail Delivery Service’, ‘Content-filter at…’, ‘Mailer-Daemon’, ‘(unknown sender)’ etc, with various expected subject lines such as ‘Delivery Status Notification (Failure)’, ‘Delayed Mail (still being retried)’, ‘Permanent Delivery Failure’. One or two have been automatic ‘Out-Of-Office’ replies. So far, I have heard from two friends that they got spammy emails advertising some sort of herbal product.

Here is a screenshot of my inbox as it looks at the minute (Click for bigger). Here is a screenshot of my Spam folder; on the bright side, at least it is catching most of it…

spam

When it first happened, I changed all relevant passwords; those of my Gmail account (an email which has sent out some of the emails, but not one that I use often, or the main culprit) and my Google Apps account, which manages all my email. Regardless, in the last few days it has started up again. Filling my inbox, potentially pissing off real people occasionally, and not least of all worrying me about the security of my email accounts and other associations with Google.

If anyone could offer some suggestions, a method of informing Google of this issue, and ideally a solution to the problem plaguing my inbox, and potentially that of others, I’d be very appreciative.

Tagged: , | 5 comments »

5 Comments

I think what may be happening is that your domain has been chosen by spammers for bulk mailings for the “From:” field. It’s a substantial flaw in Internet mail that you can put whatever you like in that field and nothing checks it.

The spammers are probably sending out many mails with @icedcoffee.ie as the “From:” field. When a responsible server tries to deal with a delivery failure on that, it will look up the “owner” of the domain and return the mail. Obviously bulk spam creates many failures with dead or non-existent destination addresses.

So the problem isn’t with Google, it’s with the registration of your domain. It would be very naughty to change the registered e-mail address of the owner of that domain to a non-existent one, but that would make your problem go away. Wink.

Posted by Steve Graham on 07 Jul 2010 at 4:52 pm   Reply to this comment

Oh! Hi Steve – I was just about to say exactly the same thing! But even chaning the email address for the Domain won’t stop it. The bounce will just go back to whatever was in the From field, regardless of any registered email address against the domain.

Sorry Phil – there’s not really anything you can do about it. If I were you I’d set a filter in Gmail to trap all the common phrases in the emails and delete them immediately.

Oh, and if you’ve got any spare “VjaqrRa pProfsEssioNal” I’ll take some ;-)

Posted by Stephen Barnes on 07 Jul 2010 at 5:25 pm   Reply to this comment

@Steve Graham – Thanks Steve, will take a look into that.

@Stephen Barnes – No, but I have some VjaqrRa supeer acgtivve. It’s supeer!

Posted by Phil O'Kane on 08 Jul 2010 at 11:46 am   Reply to this comment

Same has happened to me on my inphotos.org domain a few times. Really sucks :(

Posted by Donncha O Caoimh on 08 Jul 2010 at 9:12 pm   Reply to this comment

I seem to have a similar thing happening with my own domain, but rather than many addresses, it’s just my primary me address.

I’d say about eight times a day or so, I get a mail in spam claiming to come from me for Viagra. It’s really infuriating the fact that it’s happening, and I’m really annoyed at how my e-mail was able to be harvested for use in such purposes. If only there was some sort of central database or so where domains could “register” their e-mail server so that whenever an e-mail is sent to someone, their provider can check the database and if the mail comes from somewhere other than the registered server, it’s not delivered.

Posted by TheChrisD on 10 Jul 2010 at 1:48 pm   Reply to this comment

Leave a comment