Herself's Webtools

So what happens when a spammer spoofs your email address and you start getting complaints from your not so techy relatives? Or your ‘catch all’ email address has a zillion bounces?

If it is a friend or relative, first have them forward you the email with full headers. Have you been spoofed or have you been hacked? Check the IP address. If you are using gmail, click the little tiny arrow next to ‘Reply’ and select ‘Show Original’. It is usually clearer on other email platforms. You will see several ‘Received: by followed by information. The bottom one is where the email was originally sent from. Are any of them your website IP? If so you need to get on the phone with your hosting company and secure your ( or their ) email server. Make sure your SMTP server requires authentication.

Most likely it did not originate on your server. Most likely it is the IP address from some spammer or some poor soul whose machine has been hacked. You may or may not get useful information by using Arin to find out who the offending IP belongs to. Each IP is a bounce that email went through on its way to the final recipient. Sometimes useful information can be gleaned from doing reverse IP searches on the bounces. Perhaps it left a home IP address from a IP pool but bounced off the work server of the person doing the spamming. So check out each and every one.

More often than not you will find a relative’s IP number whose computer is riddled with viruses, or find nothing useful at all. If it is a friend or relative’s IP number, offer to go clean out their computer. You can find your friends and relatives IP addresses in the header information of emails they have sent to you.

A ‘catch all’ email is one you set up with your hosting company. All emails improperly addressed to your domain end up in the catch all email. This is a useful tool for finding out that a domain of yours is being spoofed. It is not an email address you want downloading to your phone or home computer. It can get busy.

There is little to nothing you can do unless you are very lucky finding the source of the spoofed emails.

More information:
100 email bouncebacks? You’ve been backscattered
Spoofed/Forged email ( Cert.org)

I have to say this is the easiest of all the WordPress upgrades I’ve done.  Previously I had troubles if I didn’t delete the previous WordPress install.  Not this time.

I upgraded 8 blogs today.  I just ftp’d the new files up to the server and everything went painlessly.  Database upgrades took mear seconds, all the plugins I have installed work.  The automatic update plugin worked flawlessly.

I find I like the new dashboard much more than I thought I would.  I played with the release candidates last week and was so so on the new dash.  However I find in actual use it is greatly improved.

The new editor alone is worth the upgrade.  This one remembers where the line breaks and paragraphs are located.

The new multimedia is not yet ready to replace Coppermine or other galleries of that sort as I hoped but has greatly improved the ease of storage and embedding multimedia into your site.

I think it is a huge improvement over 2.3.x and highly recommend it.

WordPress 2.5 information