Menu
Reply
Highlighted
  • 22
  • 0
  • 1
Tim-H
On our wavelength
1,401 Views
Message 1 of 19
Flag for a moderator

How can I block a whole domain? i.e. clialiedge.com

These a-holes continually spam me at least ten times a day and its increasing. Although the domain is the same every time the name is just a random bunch of letters and numbers so the address is different every time. This means that every email gets through and I have to continually send to the spam folder or blacklist every email from that domain.

Is there a way to fully block the domain, i.e. clialiedge.com

Thanks for any answers to this. This bunch of tossers are driving me nuts.

0 Kudos
Reply
  • 2.94K
  • 321
  • 982
Superuser
Superuser
1,386 Views
Message 2 of 19
Flag for a moderator
Helpful Answer

Re: How can I block a whole domain? i.e. clialiedge.com

Create a filter rule similar to the following…
2018-12-21.jpeg
BTW, if you find you are having to create more that a couple of these filter rules to handle spam then maybe it is time to look for another email service provider; preferably independent of any ISP.

  • 22
  • 0
  • 1
Tim-H
On our wavelength
1,368 Views
Message 3 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

Thanks for the response. This is the first time I've had to create a rule like this since Virgin took over from Blueyonder so I'll stick with my existing email for now. I do have others though if it becomes necessary.

 

 

 

 

0 Kudos
Reply
  • 931
  • 112
  • 623
coenoby
Well-informed
1,365 Views
Message 4 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com


@Tim-H wrote:

These a-holes continually spam me at least ten times a day and its increasing.


I have been there in the past, many times Smiley Frustrated with my old (non VM) email address so I sympathise.

You don't say how long this has been going on but my experience always was that the spammers hit you hard initially but then it usually tails off after 2 or 3 weeks as they switch to spamming new victims.

One piece of advice I would give in addition to 用心棒's advice about switching email provider (Gmail's spam filter is brilliant Smiley Wink )is to also set up a separate email address for signing into things such as free wifi hotspots or any other website or business who insist on an email address but who you really don't need to get regular emails from. That address will get spammed but you don't need to check it regularly and you can always scrap it and start a new one.

Coenoby

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
  • 22
  • 0
  • 1
Tim-H
On our wavelength
1,356 Views
Message 5 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

Thanks coenoby. I actually have two other popular email providers and also a disposable temporary email which I use for the very purpose you suggest. I'm usually careful about who I give my email address to but this lot must have slipped through the net somehow. Probably my fault.

Thanks for the response though and I have now created a new rule as 用心棒 suggested. Hopefully that will sort it and after getting no response from me they'll hopefully try elsewhere.

 

0 Kudos
Reply
  • 931
  • 112
  • 623
coenoby
Well-informed
1,349 Views
Message 6 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com


@Tim-H wrote:

this lot must have slipped through the net somehow. Probably my fault.


Not necessarily your fault.

Spammers do use software to generate usernames to apply to popular email domains such as the VM domains. It can be a surprisingly successful way to generate large lists of email addresses (I'm told!).

Also, one of your email contacts may have had their contact list hacked, perhaps by malware on their device.

Unfortunately, if you have an email account it is going to get spammed eventually.

I'm glad to hear you are well prepared. Smiley Happy

Coenoby

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
0 Kudos
Reply
  • 8
  • 0
  • 2
romerfamily
Tuning in
1,101 Views
Message 7 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

Why has VM not blocked this domain from its email system.

It can be seen from the above comments that it has been spamming many users for several weeks.  And typing it into Google quickly shows it is not a legitimate site - yet still nothing is done to kill it.

 

Why?

  • 16.44K
  • 899
  • 6.39K
Superuser
Superuser
1,092 Views
Message 8 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

The domain itself is a valid domain.  registered via Godaddy.

Domain Name: CLIALIEDGE.COM
Registry Domain ID: 2104064463_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2018-03-16T14:02:42Z
Creation Date: 2017-03-11T15:06:12Z
Registry Expiry Date: 2019-03-11T15:06:12Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS31.DOMAINCONTROL.COM
Name Server: NS32.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-01-07T18:47:58Z <<<

It uses a legitimate email service Zoho Mail to receive (and possibly deliver the mails).

C:\Users\timdu>dig mx clialiedge.com

; <<>> DiG 9.10.6-P1 <<>> mx clialiedge.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62627
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;clialiedge.com. IN MX

;; ANSWER SECTION:
clialiedge.com. 3599 IN MX 10 mx.zoho.com.
clialiedge.com. 3599 IN MX 20 mx2.zoho.com.
clialiedge.com. 3599 IN MX 10 inbound-smtp.us-east-1.amazonaws.com.

;; Query time: 43 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 07 18:49:37 GMT Standard Time 2019
;; MSG SIZE rcvd: 136

They also appear to have an Amazon Web services account.

So were I receiving spam mails from this domain.  I'd probably launch a three pronged attack.

1. Contact abuse <at> godaddy.com
2. Contact postmaster <at> zoho.com
3. Report them to Amazon using the information here - https://aws.amazon.com/premiumsupport/knowledge-center/report-aws-abuse/

Just a thought.

Tim

 

________________________________________


Only use Helpful answer if your problems been solved.

  • 16.44K
  • 899
  • 6.39K
Superuser
Superuser
1,047 Views
Message 9 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

I have had some of these emails so I shall be sending them off to abuse@amazonaws.com as checking the sending IP addresses does indeed show the IP addresses of Amazon Web servers.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 16.44K
  • 899
  • 6.39K
Superuser
Superuser
996 Views
Message 10 of 19
Flag for a moderator

Re: How can I block a whole domain? i.e. clialiedge.com

I got an email back from Amazon today

amazonreply.PNG

I shall continue to monitor and I've set up rules to move any more instances straight to my spam folder so I will keep an eye out for more of the same.

It won't be the end of the spammers but hopefully we'll get a reprieve for a bit.

Tim

________________________________________


Only use Helpful answer if your problems been solved.