<i>Business mentor:</i> Web-address hijackers take business for a ride

Q. We run a small home business, and some email spam operator has hijacked our company email address. As a result we're receiving hundreds of bounced messages that look as though they originated from our company. This is not good for our business, of course. Our computer technician reckons our ISP is at fault through having an unsecure server, but our ISP argues that smart spammers can hijack anyone's email address. Who is right?

A. Annette Presley, CEO of internet service provider Slingshot, replies:

There are a few possible problems to investigate. First, either the email or DNS server that hosts the domain "mycompany.co.nz" may have been compromised and is allowing this unwanted email to be sent. To the recipient of the email it appears to be genuine, but this can be quickly identified and rectified by a professional internet provider.

The second problem may be that either the ISP or a trusted customer's mail server is acting as an open-relay, which means any spammer can connect to that server and pose as a legitimate user from that company. The email headers will appear to be genuine. No mail server, especially that of an ISP, should be left as an open-relay. This should be rectified immediately by the ISP or the affected customer.

Finally, the most likely problem is that the spammer is sending emails with a faked sender address. Unfortunately the protocol used to deliver email across the internet (SMTP) is too trusting and will accept any sender address you specify.

Anyone taking a closer look at the email would see it was not really sent from a mail server at "mycompany.co.nz" but another server on the internet (often an unidentified IP address without a reverse DNS entry specified). Unfortunately, there's not much that can be done if this is the case but ask your internet provider to help track down where the emails are being sent from so action can be taken. Most internet providers are very proactive in shutting down spammers and will assist you with this.

One possible way to stop the hundreds of bounced messages being delivered and flooding your mailboxes is to disable any catch-all (wildcard) mailboxes that you may have set up - this is a mailbox which accepts all unaccounted emails sent to @mycompany.co.nz. You could also set up intelligent mail filters based on 'Subject' lines and 'Content' on your mail server or individual computers - this will prevent the bounced messages coming through to your inbox.

One final consideration could be to change the worst-affected email addresses used in the spam mail-out. For example, if the spammer fakes a sender address 'admin@mycompany.co.nz' then you could change your own 'admin' mailbox to something like administrator@mycompany.co.nz. This means all bounced messages will not be delivered back to a valid email address and you will not see them.

* For more information Ph 0800 898-000 or email Slingshot.

Slingshot

* Email us your small business question. Answers courtesy of Spring - A State of Mind for Business.