If the user will agree to let you change his email address that will solve the problem.
I usually just wait it out. Takes a few weeks for the spammers to move on to another address... or at least that's been my experience. -Joe ----- Original Message ----- From: Todd Richards To: [email protected] Sent: Saturday, December 02, 2006 12:03 PM Subject: RE: [IMail Forum] New user problem Thanks Joe. My main concern was that I don't end up blacklisted as a result. So that's some relief. If that's the case, then I would assume giving him a new email address - and removing his old one - would solve this (at least for now)? Or would it be best to just let it run it's course? Todd ------------------------------------------------------------------------------ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe Wolf / Internet Specialists, LLC Sent: Saturday, December 02, 2006 11:37 AM To: [email protected] Subject: Re: [IMail Forum] New user problem It sounds like your user is the victim of a Joe Job. A spammer is using your users email address as the return address. My personal email address has been the victim of a Russian Joe Job for the last several weeks... I get hundreds or thousands of undeliverable notices every day. There's little or nothing you can do about it. The good news is that the spammers usually move on to a different address in a few weeks. None of my servers have ever been blacklised as a result... most black lists use IP addresses... not FQDNs. -Joe ----- Original Message ----- From: Todd Richards To: [email protected] Sent: Saturday, December 02, 2006 11:20 AM Subject: [IMail Forum] New user problem Hi Everyone - I'm not sure where this post belongs, so I will post here first. We took on hosting for one of our members mid-week last week, and there is a problem going on. Before the changeover, they complained that one of the users, in particular, was getting a TON of spam with their old host. I proudly said "no problem" as we have things clicking very nicely now with our setup. Well, the switch has been made and said user does not get the spam he was getting before. However, I'm seeing it in that Declude/Sniffer/etc is catching it. The stuff he was referring to as "spam" is bounced messages from other people. Either his email address has been hi-jacked, or his computer has as the bounced messages are coming in that say the message from "Wrong Name <[EMAIL PROTECTED]>" could not be delivered. The trail after that shows that they are definitely spam. I have been looking through the logs and can't see for sure that the originating message is coming through our server (I haven't spent hours looking at the logs). So I can't say for sure that he is sending it through us. But I'm worried about ending up blacklisted for sending this crap. I have asked the end-users to thoroughly scan his computer for problems, and fix if found. There is no on-site tech, so they asked about changing the email address. While I'm not opposed, if it is in fact his computer then that won't make much difference. Am I missing anything? Is there any better way to troubleshoot that you can think of? None of the other users on his domain are seeing this, and I have not seen this type of traffic from any of the other users we host mail for. For what it's worth we are using Imail 8.22 (with ALL patches), the latest version of Declude, Sniffer, and invURIBL 2.7 - all running on Windows 2003 Server. I appreciate any thoughts or direction on this. Thanks! Todd [EMAIL PROTECTED]
