Domain spoofed for sending UCE?

[lokki]

This gets twisted, so please bear with me!

I recently used NetworkSolutions' DNS tool to request a change in nameservers (moving a domain to Jag). There were some hassles involved, and I exchanged a few heated emails with the 'service' staff at NS.

In the course of this, email to the domain in question got royally screwed up. Thanks to Jag's support staff, it appears to be working correctly, now.

The problem is that I have gotten upwards of 300 bounced emails, all claiming that I sent UCE (spam) to undeliverable addresses. God knows how many more actually arrived. I've finally gotten the :fail: directive set up on my account, which seems to have slowed the onslaught.

My question is this - is it possible someone has been using my domain in their UCE floods all along, and I just never got bounces due to my previous host failing unroutable emails? In the past, I have rarely gotten email that went to a non-existant address, but it has happened.

Or, is it possible that something happened during this crap with NS to open my domain up to spoofing? If there's a remote chance NS had something to do with it, by error or otherwise, I will be out for blood (I have a long history with them being complete freaking idiots).

Additionally, what can I do to stop this? I don't want my domain to get nailed because some *#$&#*(@ is using it for spam.

AARRGGHH!!!

[jason]

Exactly whay are you still using Network Solutions? I dumped them long ago, pretty much right after they lost their monopoly. I've used a couple other registrars and get much better service for a much lower cost...

Chances are good that the spam being sent using your domain never touched your server (other than the bounces). It is quite easy to spoof the headers of email messages and send them trhough virtually any SMTP server. It could be something that just started happening or it could be something that's been going on without your knowledge because of your past host blocking NDR's. Its hard to say.

It is, however, highly unlikely that Network Solutions has anything to do with this. All they do is manage which DNS servers requests for your site are pointed at. They don't touch mail servers or anything else. Like I said, it is probably someone spoofing your domain.

--Jason

[lokki]

thanks jason,

my paranoia runs deep, and I've had serious clashes with NS before. I'd love to think they had something to do with it, since the timing was VERY suspicious. The only reason I'm still with them is that I paid through the nose before there was competition, and have until 2007 for my domain to expire

I'm thinking about cutting my losses and signing up with Hostway (unless there are better suggestions).

As for the spoofing thing, I'd hate to think this has been going on for long.

Is there anything that can be done about it?

[Spathiphyllum]

It seems like I remember seeing some DNS services pay for your transfer to them from a current DNS service with the condition that you add a year to the current registration. Maybe that policy has changed but it might be worth researching.

Peace of mind, less grey hair, and better support is worth losing a few bucks. I'd be inclined to switch if I were in your shoes... three more years of misery is just too long if you really think that Network Solutions is mucking things up.

[jason]

Yes, the SOP for transfering registrars is that you pay for an additional year and the new registrar takes over. You don't lose any time for which already paid, you'll just extend your registration to 2008 now.

--Jason

[lokki]

good to know... I'm off to research this, and hopefully to dump NS.

After cooling off, I'm sure NS didn't have anything to do with it, I was just extremely ticked about a number of problems with them. Wanted to add something to the fire

Anyway, thanks both of you for the insight!