Jan Wildeboer 😷

When spammers don't like you reporting their spam, they will:

- set up a forwarding email address on one of their servers with good DKIM/SPF/DMARC, typically on a domain that will expire soon
- Run a script that spams hundreds of support addresses/web forms with nonsense content using that forwarding address
- Forward all the confirmation receipts to your email address

That stuff is easy to block, but can be quite a nuisance to the affected support teams.

#SelfHost #MailAdmin @homelab

Mar 20 at 5:00pmWeb
Show threadJan Wildeboer 😷3d ago

I guess they will also use the support forms to try to subscribe me to whatever marketing stuff from there.

So I look forward to interesting messages from Bavarian restaurants, Austrian doctors and swiss lawyers :)

#SelfHost #MailAdmin @homelab

Show threadJan Wildeboer 😷3d ago

So I guess for the next few days you can send an e-mail to [email protected] and it will reach me ;)

#SelfHost #MailAdmin @homelab

Show threadLarvitz  3d ago
@jwildeboer @homelab Free E-Mail alias 🙂 Some people pay money for that 😂
Show threadTatone19h ago
@jwildeboer
Show threadTatone19h ago
@jwildeboer I didn't report any spamming, still one of our email addresses started receiving all those autoresponders directed at
[email protected]
I saw that this domain shall expire at the end of the month; hopefully theses emails will stop soon after!?
Show threadJan Wildeboer 😷19h ago
@Tatone Yep, they will. And then they will set up these forwarders again on another domain that will soon expire. And the next one. And the next one.
Show threadbbbhltz3d ago

@jwildeboer

ooooooh, so that's what's happening with one of my email addresses!

Show threadJulian3d ago
@jwildeboer It's probably not related to you reporting them. Most often I'm too lazy to do that and I still get the same kind of spam recently.
Show threadJan Wildeboer 😷3d ago
@julian I tracked deep enough to make the connections between reports I made, the sending domains of that spam, the domains used for these support tickets etc. I am 90+% confident it is more causation than correlation.
Show threadJan Wildeboer 😷3d ago
@julian But I also wanted to document in the open how these support ticket spams work. Regardless of the why. The forwarding address is in all cases a google account, so it comes in via google mail servers. I report these domains to google and that's all I can do. The spammers know that Google typically doesn't care, especially when the domains used expire in a few days/a week.
Show threadJulian3d ago
@jwildeboer Google Account as in Gmail? I'm getting lots of spam forwarded through Google Groups (maybe I should just start filtering that).
Show threadJan Wildeboer 😷3d ago
@julian As in that spam domain uses Google mail services, as you can see when looking up the MX entry in the DNS of said domain.
Show threadadingbatponder  ðŸ‘¾3d ago
@jwildeboer @homelab That is sad indeed. One email address per service might be good to avoid the problem and just shut that one down but... scary to organise , right?
Why can one not set up email with a key system so if sender does not have the public key it goes into spam?
Show threadheine3d ago
@jwildeboer so you assume they do this out of pure revenge? I had this in the past and wondered what was happening. But I never reported anything, I think 🤔
Show threadJan Wildeboer 😷3d ago
@heine I've been in the business of spam fighting since more than 20 years. Yes, this is how they act. Childish shit to annoy people like me.
Show threadHenri Schmidhuber2d ago

@jwildeboer @heine
i didn't report any spam and i think nearly all Domains on my Mailserver get this "spam"
One time when i got bombed with that stuff, there was one paypal-email and an order in it, which used my Name and bank details (50€ for honey).
You can pay with a PayPal guest account using a bank account nr.
I had to cancel the order and deal with PayPal.

How do you block it?