torite — 2012-07-25T21:10:29-04:00 — #1
I am constantly receiving email bounce notifications. The bounce notifications are sent to random addresses on my domain, such as BAKJSGKAG@mydomain.com. None of these are real accounts I have set up, but I know that if I receive mail it always goes somewhere.
What can I do about this? Is it a problem on my end w/ the software I have installed or is it a problem with my host? I am worried that a spammer or some other person is sending mail from my domain.
If it matters, I have php mailer on my site, and occasionally some of the more verbose return emails will mention it.
dklynn — 2012-07-26T00:02:50-04:00 — #2
Either they are sending from your domain (from your mail server) or just abusing your domain in their return e-mail address. The first can be "easily" handled by requiring that your e-mail server validate the sender's credentials (username and password) - if you're on a VPS/dedicated plan. If shared, you'll have to ask the host to require valid sender credentials. Of course, it's possible that you've been hacked to have a look at your files - better yet, ask your host to run a maldet scan on your account. Okay, return e-mails mentioning your mailer would indicate you've been hacked to get on the maldet scan ASAP, change ALL your account and FTP passwords (use http://strongpasswordgenerator.com) and delete/upload from your master file set all .js, .php and .htm(l) files.
If it's just bogus reply to e-mail addresses, all you can do is ignore it (or report these to Spamcop.net - they look into the header information of the e-mail and report abuses to the sender's server as well as the host for any website linked in the original messages).
torite — 2012-07-26T00:08:11-04:00 — #3
Thanks, I am definitely going to do that. I didn't know some of that was possible, so I appreciate the list. I started by removing php mailer temporarily.
jedito — 2012-08-02T14:28:32-04:00 — #4
If you host allow it, you can enable SPF records and domain key directly, otherwise, you can ask them to do it for you.
dklynn — 2012-08-03T01:11:08-04:00 — #5
I think that only helps of you're receiving the OP's e-mail - but it's something which really should be done these days.
Unfortunately, the OP is on a shared server so (s)he has little control over the EXIM or IMAP server.
coloradojaguar — 2012-08-10T17:36:22-04:00 — #6
Yes, shared servers don't allow the same level of control as other types might. Shared account users are pretty much at the mercy of the hosting provider when it comes to those levels of settings. But, it never hurts to call your provider and see what type of custom settings they can use for you without interfering with the other users.