The NeoSmart Files

Spoofed Spam from NeoSmart's Domain

An hour ago a spamming agency seems to have sent out thousands of messages from random @neosmart.net email adresses. NeoSmart Technologies was not involved in this spamming attempt (check the message headers!) and we’d like to assure everyone that we never have and we never will condone spam to come from our servers.

These messages were sent to random addresses, so whether or not you’re a member here doesn’t matter. Odds are, you won’t receive one of these emails, but we just wanted to make that all clear.

Some background on domain spoofing:

Spammers ‘spoof’ the domains and randomize the aliases (first half of email adresses) to avoid detection & identification, having their own inboxes flooded with complaints, and bounced messages. You can tell if a message really was sent by the domain in question if the SMTP server in the message headers matches their domain’s IP address. Obviously in our case it doesn’t.

Spoofed messages normally won’t get a domain blacklisted – that’s a common misconception. When spammers do their thing, the IP address is blacklisted, not the faked domain name itself. Not only does this keep the colateral damage to innocent victims like us down to a minimum, it also is more effective by getting closer to the originating spam servers too.

So, don’t worry, NeoSmart Technologies hasn’t been bought out by spammers yet, and we’ll continue to do our thing to make sure your private data is safe and sound, and you can count on us not to abuse our position. If you have any idea who actually did the spamming, we urge you contact NeoSmart’s emergency security team at security@neosmart.net as soon as possible.