Sorry for the delay!

Hello, everyone. Sorry for the delay in posting another Blog entry... Things have been somewhat hectic around here. I'm currently "between jobs" and have been for most of the past 6 months or so. I may have alluded to that in my last post.

My latest rant... Spammers who forge my domain name and the idiot sys-admins who bounce that spam back to me!

When the idea was first proposed, I was opposed to things like Domain Keys because I figured it would cause problems for people like me who own a domain, but don't run a mail server. Actually, I have about 3 domains and I'm the only user, so I'm free to use whatever email address I want when signing up for things on the web. Makes it easy to figure out who sold my email address.. for example, I sign up for announcements from BestBuy and use the email address "BestBuy@mydomain.tld" (not a valid email address, by the way, due to the ".tld" extension grin.) Then if I start getting a bunch of spam to "bestbuy@mydomain.tld" I know that either BestBuy sold my email address or their server got hacked. Actually that's quite a nice thing to be able to do...

However, the *problem* occurs when spammers harvest "mydomain.tld" and start using bogus email addresses such as "jimbob@mydomain.tld" to sell V1@Gra and stuff like that. What usually ends up happening is that the sysadmins will accept that email for processing and then, after the fact, realize it's spam or decide that the recipient doesn't exist, so they "return" it to "jimbob@mydomain.tld." Unfortunately, since my domain host accepts email for all email addresses on "mydomain.tld" it gets sent on to me.

Then, when I use Spamcop to complain that these admins are sending me junk, they have the gall to suggest "well, sorry about that... your domain was in the reply-to, so we just sent it where it appeared to come from." See, that's just not right. What they should do, in my not so humble opinion, is either check the recipient against their userlist when accepting email and reject anything that's not a valid user right then, BEFORE the message is accepted for processing, or if they can't do that, silently delete the message. Further, and this would hurt people like me who own a domain but don't run a mail server, they could check to see if the IP address of the mail server that's trying to deliver mail to them matches the domain it claims to be. i.e if 1.2.3.4 is trying to deliver email and is claiming to be "mail.example.tld" they should check to see if it really is associated with "example.tld." It doesn't even have to be an exact match (some mail servers have different "names" that they identify themselves by, so only accepting an exact match would be problematic sometimes.) If, for example, 1.2.3.4 is really identifiable as mail.hijacked.tld (another invalid domain) you could reject it as "not matching" who you say you are. I don't know that there's an actual specification or rejection code, but there could easily be one created for this.

Anyway, my point is that mail admins need to work harder to prevent what's known as "blowback." That's just my 2 cents' worth.