Logix Secure Mail: Secure, Reliable, Innovative Mail for your Business
Where does spam come from?
 
Most spam comes from criminals and shady businesses. Lists of millions of e-mail addresses are readily available for as little as Rs.100/-. To send the spam to millions of addresses, they must use "cooperative" mail servers. Most legitimate mail servers are protected from spammers and most ISPs prevent users from sending huge numbers of emails. Therefore spammers have to resort to the following methods:
 
Use a spam mailing service. These are typically in China and third world countries that don't outlaw such practices or don't bother to prosecute them.
Use an "open relay"
   
What is an Open Relay?
 
An open-relay is a mail server which is not configured properly to prevent anyone on the Internet from using it to send e-mail messages. This, though seemingly unintentional, is most often intentional. It is often the result of limited knowledge of the organization which owns the mail server. The organization often does not understand security settings or might just not care about the consequences.
 
Spammers search the Internet for open-relays and then "program" them to send a continuous stream of spam. The owner of the open-relay typically learns of this via a flood of angry e-mails and then takes steps to shut it down. By then, the spammer has moved on to another open-relay.
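An owner does not have to wait for complaints to find out that a server is relaying for strangers. The following added example (not part of the original page) audits mail log lines for accepted messages from untrusted, unauthenticated clients to domains the server does not host; the log format, domain names and network ranges are constructed assumptions, not any real mail server's syntax.

```python
import ipaddress
import re
from collections import Counter

LOCAL_DOMAINS = {"example.com"}                       # domains this server hosts (assumed)
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]   # internal clients allowed to relay (assumed)

# Constructed log lines in a made-up key=value format, not a real MTA's log syntax.
SAMPLE_LOG = """\
client=10.1.2.3 auth=no to=<bob@partner.example> status=accepted
client=203.0.113.7 auth=no to=<alice@example.com> status=accepted
client=203.0.113.7 auth=no to=<user1@other.example> status=accepted
client=203.0.113.7 auth=no to=<user2@other.example> status=accepted
client=198.51.100.4 auth=yes to=<carol@partner.example> status=accepted
client=198.51.100.9 auth=no to=<dave@other.example> status=rejected
"""

LINE_RE = re.compile(
    r"client=(?P<client>\S+) auth=(?P<auth>yes|no) "
    r"to=<[^@>]+@(?P<domain>[^>]+)> status=(?P<status>\w+)"
)


def is_open_relay_event(client, auth, domain, status):
    """True when mail from an untrusted, unauthenticated client was accepted
    for a domain this server does not host."""
    if status != "accepted" or auth == "yes" or domain.lower() in LOCAL_DOMAINS:
        return False
    ip = ipaddress.ip_address(client)
    return not any(ip in net for net in TRUSTED_NETS)


def audit_relay_log(text):
    """Count open-relay events per client IP."""
    hits = Counter()
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m and is_open_relay_event(**m.groupdict()):
            hits[m["client"]] += 1
    return dict(hits)


if __name__ == "__main__":
    print(audit_relay_log(SAMPLE_LOG))
```

Any non-empty result means the server accepted mail it should have refused, so its relay restrictions need to be tightened.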
 
Doesn't all spam come from Hotmail or Yahoo?
 
No. Spam often has a fake "Return address" to try and fool you into thinking it came from Yahoo, Hotmail, or even Merrill Lynch. There is rarely a real Return-Address.
 
Most mails are sent from mail servers and personal computers in the US/Canada that have been compromised (hacked) by spammers. Since most spam wants you to click on a link or call a phone number, there is no need for a real email "Return" or "From" address.
 
Some spam is even sent with the same "To:" and "From:" addresses. If you set up a simple spam filter which sends the email back to the sender, you end up sending the spam to yourself, which is the spammer's intention.
 
Can't spam just be filtered by its "obvious" content?
 
While a person can easily recognize spam, it is not easy for computers because they do not "understand" language. Spammers have also learned to defeat most content filters based on phrases and keywords. While you may see "free money" on the screen, the email message may not even contain that phrase; instead, complex HTML code visually places those two words next to each other. Without a vision system, a computer cannot recognize this obvious phrase.
 
Since sites like SpamStopsHere do not use content filtering based on "obvious" words and short phrases, they are much less likely to block legitimate emails. They can even be used by medical and legal organizations in which legitimate emails might discuss prescription medication, mortgage rates, profanity, and sexual terms.
 
Why do I get bounce messages about email that I didn't send?
 
There is nothing you can do to prevent people from forging your email address (although SPF record checks can help recipients determine that they were forged). Forging the sender's email address for an email message is as simple as changing the "from address" in your email sending programme and anyone can do this.
 
Only the person or computer who sent the email message knows for sure why email addresses at your domain are being forged, but it is common for spammers and email borne viruses to forge the SMTP mail from address for email messages that they generate. If a spammer or virus forged one of your email addresses and the email that they sent was undeliverable, you may get the bounce (Delivery Status Report or DSR).
There are two theories on why they do this:

A forged email address is used because a message requires a valid mail from address in order to be accepted by the recipient. The virus/spammer:

Doesn't have a valid email address
Wants to remain anonymous
Doesn't want to receive the large number of bounces from invalid recipient email addresses
Wants to send their bounce messages to an enemy just to annoy them

To gain trust, the mail from address might be forged:

To appear from the postmaster at your domain
To appear from someone else at your domain
To appear from someone with whom you do business
 
You typically don't want to block these bounce messages, as it is important to know that someone is forging your email address.
 
Additionally, many of the forged email addresses at your domain may not even exist. It is recommended that you disable any catchall email alias that forwards email for all non-existent email addresses at your domain to your inbox, or use the Mailboxes feature to reject DSR messages sent to invalid email addresses.
 
How do you define spam?
 
Spam is typically defined in the anti-spam industry as Unsolicited Bulk Email (UBE). This includes any email that you receive that was unsolicited (you didn't initiate or subscribe to) and sent in bulk. As a result, if someone sends you a copy of a resume, or other targeted unsolicited personal email that is not sent in bulk, we cannot block it globally as "spam", even if it may be unwanted by you. You can take advantage of the Personal Blacklist feature to block any harassing emails that are not UBE.
 
How secure is the privacy of my e-mail?
 
Logix service does not affect your security in any way. Our service does not backup or make copies of your email messages. The log files only contain the email addresses of the sender and the recipient. We do not log the entire email message.  
 
In the event your mail server is off-line, our service will "spool" your email messages. When your mail server is back on-line, it will automatically transfer all the spooled email messages. Even in this case, the temporarily spooled messages will not be permanently saved or backed up.
 
I received a spam that made it through the filters, what can I do to block it?
Please don't try to block it.

There is a personal blacklist in the Control Panel, but please do not use this to block any bulk spam that is making it past the filters. Instead, send a plain text message including the complete headers and message source of the bulk spam to the email address specified for this purpose in your Domain Activation email. That will allow us to investigate why the email made it past the filters and find the best way to prevent it from happening again for not only you, but for the rest of our customers.
© Copyrights 2007 Designed & Developed by Logix