Fork me on GitHub

Statement on recent spam wave with @cron-job.org senders

It has been reported to us that recently numerous of email addresses receive unsolicited emails (spam) with an alleged sender of @cron-job.org, for example contact@cron-job.org. These emails have been mostly reported by users of the ISP EarthLink.

These emails have not been sent by cron-job.org nor are we in any way involved with these emails. The sender address in these emails is forged. An email is basically like a post letter envelope: The 'From' field can be filled in by the sender with anything he wants. In fact, the address the sender puts in the 'From' field does not even have to exist. Email simply does not come with any mechanism of validating the sender address — a well-known flaw of email in general. Spoofing the sender address is so easy that virtually no spam sender on this planet is using his real email address as the sender.

At cron-job.org, we have analyzed many of these spam emails and we can exclude the possibility that these emails originate from our networks. The sender address of these emails is spoofed. The real origin of these emails can be found in the emails' 'Received' headers. The samples of these emails we got apparently origin from hi-jacked computers or servers, for example located in Czech Republic.

cron-job.org condemns spam in all its forms and never sends unsolicited emails.

Frequently Asked Questions

Why are you sending these emails to me?
We don't. These emails abuse our good name and our email addresses to pass filters more easily and to damage our reputation.
Can you stop these emails?
Unfortunately we cannot do anything about these emails since we are in no way involved with them. Even turning off our complete network and web site would not stop these emails from getting to you.
How can I be sure that you are really not the sender?
Just show the email(s) to any network or email expert. They can read and interpret the so-called email headers and will confirm that the sender is forged and these emails do not origin from our systems.
Apart from that, there is absolutely no motivation for us to send spam emails. The cron-job.org service is entirely free and non-profit.
Who is sending these emails then?
Unfortunately the internet provides many ways for miscreants to hide their real identity. For example, many spam emails are sent from so-called bot nets which consist of normal people's computers which have been hi-jacked by trojans/viruses. It is virtually impossible to determine the real people behind these spam waves.
What can I do about it?
First of all, you might want to block the email address of the senders in your email filters. Most of the time this is contact@cron-job.org — an address which does not even exist and is not used by us. If you are not a user of our service, you might want to block @cron-job.org addresses in general.

There are also some popular technologies to detect and block spoofed email sender addresses. One of these technologies, SPF (Sender Policy Framework), is the most popular. To make this technology work to your advantage, both the owner of the spoofed addresses (us) and your ISP (for example EarthLink) have to support it. We already do support it and actively publish SPF records. Now it's up to your ISP to implement SPF and block emails with forged senders. You might want to contact your ISP and submit this as an improvement suggestion.
I've clicked Unsubscribe, but it doesn't help.
Please never click unsubscribe links in spam emails. It shows the spam senders that your email address is valid and actively monitored by you. Hence it makes your email address even more valuable to them and you will most likely receive even more spam emails. The safest way is to not react on these messages at all and to delete them immediately.
I have more questions/remarks/ideas. How can I contact you?
Feel free to contact us directly at info@cron-job.org.