Getting Spam?

It’s not from here.

I’m receiving a lot of bounceback responses at the moment as a result of spam emails claiming to be from various addresses @zoril.co.uk. That bit is called backscatter.

A sample of the backscatter I'm receiving
A sample of the backscatter I’m receiving

I assure you the spam is nothing to do with me, someone is just spoofing my domain name (see this article which explains spoofing quite well and this Wikipedia article on spoofing).

If I was sending spam, I would show up on a blacklist fairly quickly.

I have an SPF record linked to zoril.co.uk that describes what services are allowed to use my domain in emails. Many email services will check this and use the information to help flag the emails as spam, others will just happily place them into inboxes, which is probably why you’re here.

There is a slightly more powerful option called DMARC but unfortunately my domain host doesn’t allow me to create the necessary records to turn it on!

So sadly I can’t offer any solution as it is absolutely nothing to do with me or my website. All I can do is urge you to ignore the emails.

There’s quite a range of different IPs sending the original spam messages which suggests it’s probably a botnet.

Update 26 Oct 2016: my domain host has finally made it possible to create the necessary records to get DMARC enabled, I may yet stop this. It’s running in monitor mode at the moment to make sure there won’t be problems for any valid emails. /

Leave a Reply