Information on SPAM e-mails

SPAM e-mails are annoying and time-consuming. Here is some background information on SPAM mails, along with a few tips, such as how to reduce the volume.

JoeJob emails

An increased volume of so-called JoeJob e-mails can occur at any time.

Your e-mail address, which the SPAM sender has read from a stolen address book (analog or digital) or from your website, for example, is used as the sender e-mail address. The e-mail itself is sent to any other mailbox anywhere in the world.

You can compare this to an analog letter on which you use your neighbor's address as both the sender's address and the recipient's address.

It doesn't matter where in Germany you put the letter in a letterbox.

Examples of the content of such Joe-Job e-mails:

  • A mailer daemon message claiming that your mailbox is full ("mailbox is full"), with the supposedly original e-mail attached as a .zip file, which in reality hides a virus or Trojan.
  • E-mail from your scanner with an attached document that actually hides a virus or Trojan in a .zip file.
  • Email with an allegedly attached invoice in the form of a .zip file, which in reality hides a virus or Trojan.
  • Alleged warning message that your mailbox will be deactivated in 24 hours.

Increased occurrence of mailer daemons

Have you recently started receiving an increased number of mailer daemons (e-mail bounces) stating that an e-mail inbox is unavailable or that your e-mail has been rejected as SPAM?

Then there is a possibility that you have become the victim of a Trojan or hacker in an open WLAN (hotel, airport, etc.).

You should take the following steps first as a precautionary measure:

  • Check your computer for malware. If possible, this should be done from an external system or from a rescue system DVD. The website botfrei.de provides a rescue system DVD for this purpose.
  • Change the password of the affected e-mail inbox. To do this, go to your customer menu > Configuration > Manage e-mail addresses > click on the Edit icon > Open > click on the Key icon to generate a new, secure password. Do not enter the password manually under any circumstances, as it can be spied out again immediately if there is malware on your computer.

Another way to remove malware is to use the FixMeStick USB stick, which can be purchased. This is available on the Internet from various online stores.

Deactivate e-mail catchall

In the customer menu, a mailbox can be stored for each (sub-)domain to which all e-mails sent to this (sub-)domain are delivered. To do this, edit the domain via Configuration > Domain management > Gears > Open and find the option shown in the image.

With this e-mail catchall function, e-mails for which no mailbox or no forwarder has been set up are delivered to a predefined mailbox. If the e-mail catchall is activated, this includes the e-mails that are often sent to imaginary addresses such as xyz@name-der-domain.de.

For this reason, it should be carefully considered whether this function is activated or, if it is activated, whether it is better to deactivate it again.

If you want to receive e-mails with common spelling mistakes in your mailbox, you should set up corresponding alias addresses (aliases). For example, schmitt@name-der-domain.de and schmid@name-der-domain.de can also be defined as aliases for the schmidt@name-der-domain.de mailbox.

Set up SPF Records (Classic Hosting)

In principle, anyone can send emails with any sender address. SPAM senders use this to send emails with real domain names and, in some cases, existing email addresses.

The Sender Policy Framework (SPF for short) is used to determine the legitimate mail servers for a domain. Many mail servers check the SPF entry in the DNS of a domain and reject the delivery of mails sent via an unauthorized (mail) server.

One way to create an SPF record is to use the SPF wizard in the customer menu of our Classic Hosting. In Cloud Hosting, our system creates a standard entry that can be expanded as required.

In most cases, it is sufficient to select the option "Yes" for Websites and SMTP and "No" for Other IP addresses if the email traffic is sent via us.

If you use your own mail server, you must enter its IP address under SMTP IP.

You can access the SPF wizard in your customer menu under Configuration > Domain management > Gears > Edit name server > New entry. Change the TYPE to SPF so that the symbol for calling up the wizard appears behind the "Destination (IP or host)" field. Confirm the entries with OK.

Now copy the created entry, change the TYPE to TXT and then paste the entry again. This is necessary because the TYPE "SPF" has been officially removed from the name server specifications.
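The effect of this copy step can be checked offline with the following added example, which is not part of the hoster's tooling. It evaluates only the TXT policy, as receiving servers do, against a sending IP; the zone entries and IP addresses are constructed sample values.

```python
import ipaddress

# Constructed sample zone entries as (TYPE, value); IPs are documentation ranges.
ZONE = [
    ("SPF", "v=spf1 ip4:192.0.2.10 ip4:198.51.100.0/24 -all"),  # legacy TYPE
    ("TXT", "site-verification=constructed-placeholder"),
    ("TXT", "v=spf1 ip4:192.0.2.10 ip4:198.51.100.0/24 -all"),  # copy as TXT
]
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
DNS_MECHANISMS = ("a", "mx", "include", "exists", "ptr")

def spf_policies(zone):
    """Policies a receiver sees: only TXT records that start with v=spf1."""
    return [v for t, v in zone
            if t == "TXT" and v.lower().split()[:1] == ["v=spf1"]]

def check_sender(zone, sender_ip):
    """Evaluate ip4/ip6/all terms left to right for one sending IP."""
    policies = spf_policies(zone)
    if not policies:
        return "none"        # a record of TYPE SPF alone is not consulted
    if len(policies) > 1:
        return "permerror"   # more than one v=spf1 TXT record is an error
    ip = ipaddress.ip_address(sender_ip)
    for term in policies[0].split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        name = mech.split("/")[0].lower()
        if name == "all":
            return RESULTS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
        elif name in DNS_MECHANISMS:
            return "needs-dns"  # cannot be decided without DNS lookups
    return "neutral"            # nothing matched and no "all" term

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.77", "203.0.113.5"):
        print(ip, check_sender(ZONE, ip))
    print("TYPE SPF only:", check_sender(ZONE[:1], "192.0.2.10"))
```
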

Disguise e-mail addresses on websites

So-called spam bots scan websites for usable e-mail addresses. It is therefore advisable to only enter email addresses in disguise, i.e. not in plain text, on the homepage. TYPO3 offers the following TypoScript setting for this purpose:

config.spamProtectEmailAddresses = 1
config.spamProtectEmailAddresses_atSubst = [at]

However, if an address has already been published once in plain text on the homepage, in many cases it is already "burnt". The only solution here is to set up a new address.

Protect forms with Captcha

All request forms on the website should be protected against automated completion with a "captcha". With a captcha, a graphic with a code is displayed which the enquirer must enter into the form. To set up forms on websites, we recommend the powermail extension with integrated spam check.

Store systems and HELO testing

Background

To ensure that the sending of emails via a store or content management system works smoothly in future, care should be taken to ensure that the HELO entry in the header of the email does not specify the localhost but the domain of the website. With TYPO3, for example, this entry is set automatically if the SMTP configuration is correct.

Measures required by the hoster

Future anti-SPAM measures will require a HELO check in which e-mails with a localhost in the HELO are no longer sent, as this is used by spammers to send unwanted e-mails.

Solution

In Shopware, for example, the corresponding parameter is "Hostname for the message ID". With Magento, there are different plug-ins for sending, so we cannot specify the exact wording. If the domain name is stored there, the emails can still be sent without any problems.
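To check what a store system actually emits, send a test order to a mailbox of your own and inspect the raw headers. The following added example, which is not code from the hoster, Shopware or Magento, does this for a constructed test message; the host names, addresses and the function name audit are assumptions.

```python
import re
from email import message_from_string

# Constructed test message as a store with default settings might produce it.
RAW = """\
Received: from localhost (web01.example.net [203.0.113.10])
\tby mx.example.net with ESMTP id 4ABC123
\tfor <kunde@example.org>; Wed, 17 Jul 2024 10:00:00 +0200
Message-ID: <20240717080000.1234@localhost.localdomain>
From: shop@name-der-domain.de
To: kunde@example.org
Subject: Order confirmation

Thank you for your order.
"""

# Names that identify the local machine instead of the website's domain.
LOCAL_NAMES = re.compile(
    r"^(localhost(\.localdomain)?|\[?127\.\d+\.\d+\.\d+\]?)$", re.I)

def audit(raw, site_domain):
    """Return findings for a localhost HELO or a foreign Message-ID host."""
    msg = message_from_string(raw)
    findings = []
    # The receiving server records the HELO name as "from <name>" in Received.
    for received in msg.get_all("Received", []):
        m = re.match(r"\s*from\s+(\S+)", received)
        if m and LOCAL_NAMES.match(m.group(1)):
            findings.append("HELO is " + m.group(1))
    # The part after "@" in the Message-ID is the host name the store uses.
    mid = msg.get("Message-ID", "").strip().strip("<>")
    host = mid.rpartition("@")[2].lower()
    if mid and not (host == site_domain or host.endswith("." + site_domain)):
        findings.append("Message-ID host is " + host)
    return findings

if __name__ == "__main__":
    for finding in audit(RAW, "name-der-domain.de"):
        print(finding)
```
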

Updated: 17.07.2024