Facebook Pixel
Join our Facebook Community

Spam Emails from ProBlogger

Posted By Darren Rowse 9th of March 2007 ProBlogger Site News 0 Comments

Just a short note to let those who may have received spam from a problogger.net email address today that this was not actually sent by me.

A spammer who is using a legitimate email that I sent from one of my other blogs as a cover for his ads then sent the email from a problogger.net email address.

You can read full details of what they did here. My apologies to those who were sent this email – I understand that you are upset by it but it is not something that I had any control over and is not something I am connect with what so ever.

About Darren Rowse
Darren Rowse is the founder and editor of ProBlogger Blog Tips and Digital Photography School. Learn more about him here and connect with him on Twitter, Facebook, Google+ and LinkedIn.
  1. I have spammers using my domain to send junk mail from too – The only way I know is because I receive “Mailbox full” and “out of office” notices. The sender address is normally [some random characters]@[my domain].co.nz

    Systems like http://www.openspf.org/ and http://en.wikipedia.org/wiki/Sender_ID might help

  2. I have a feeling that some stupid script kiddy is having fun sending spam e-mail and viruses with other people’s e-mail addresses. Don’t they have lives?

  3. “Don’t they have lives?”

    No..and sadly they make money at it.

  4. Everyone should be adding SPF records to their domain name. This makes it easier for mail servers supporting SPF (like Gmail) to indentify email forgery.



  5. Hi Darren,

    I’ve had jerks do this with several of my domains.

    Adding something called an SPF Record to your DNS helps.

    See: http://www.openspf.org/Introduction

  6. You know you’ve made it when the spammers come.

    Just about the only positive one can draw from such a scenario.

  7. Such is life, unfortunately. Consider yourself lucky that you’re not as bad off as eBay or Paypal whose email addresses are spoofed constantly for this kind of thing for more malicious purposes. I know it’s an inconvenience to you, but they’ll get over it soon when the novelty wears off. As long as they’re spoofing your email address and not accessing the email account through your server, you’re in the clear, and I wouldn’t really worry about it too much.

  8. A lot of people on-line, in the blogosphere and otherwise are thinking about/actively looking for the “next big idea” that could make them famous … or rich … or both.

    I’ve been actively working on different facets of the Internet since long before it was called “the Internet” … can anyone still spell “DARPA”?

    When the first implementations of email were first introduced a common cry from the network gurus and engineers was, “This method is no good, we need something that can’t be so easily spammed or spoofed.”

    twenty plus years later the situation hasn’t gotten better, if anything it is worse. It is almost trivially easy to masquerade as anyone and send out mails in their name. A true opportunity awaits the smart guy/gal who can devise and implement a real solution.

  9. […] After being the victim of a Spammer hijacking my newsletter for their own purposes earlier today there are a few lessons that I’ve learned: […]

  10. At least to me, you don’t need to apologize. I got the same e-mail and spent a good 10+ minutes wondering why you would write W8 loss in the subject line, and why the e-mail address was problogger.net while the content was from your digital site. I was only wondering to myself: “Hmmm, Darren is cuckoo after all.”

    It would be interesting to know how they spoofed the account or how they got hold of the account while putting in legitimate content in the newsletter along with their ad in the end.

    I was just kidding about the cuckoo thing, by the way.

  11. SPF is not the answer: it breaks some mail forwarding and relaying systems (which is what gives email some of its flexibility and usefulness); it is implemented in DNS, which itself has little security; and more spammers use SPF than legitimate emailers according to http://www.theregister.co.uk/2004/09/03/email_authentication_spam/

  12. This happened to the company that I work for. We found out that the thing that was allowing the spammers to hijack our domain was that we had a “catchall” email account. When an email goes out, the receiving server checks to see if the sender account is valid by pinging (or something) the server that it’s supposedly coming from to see if the account is valid. Since a catchall will accept email from any non-valid email account on the domain, it accepts this “ping” and the receiving server thinks the account is valid. We disabled the catchall account, and haven’t had a problem since. If your domain is being hijacked by spammers, make sure that your catchall is disabled.

  13. […] I’ve been following an issue over at Problogger.net wherein Darren Rowse became a victim of a spammer who hijacked his domain and used it to send spam through his newsletter. I did not receive any spam from Darren so it’s either I’m among the lucky few whom the spammers missed or I’m no longer subscribed to the Problogger newsletter. As always, Darren has managed to turn something disastrous like this into something positive by sharing the lessons he has learned from it. […]

  14. Spamming with others people domains is a nasty one. It is hard to imagine, how much more nasty spammers can become.

  15. Same thing happend to one of my client. You could prevent that problem in the future by adding SPF record to your domain.
    At the moment the report for your domain shows:
    “Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it).”

A Practical Podcast… to Help You Build a Better Blog

The ProBlogger Podcast

A Practical Podcast…