Ok so I have a user who had their email hacked and sent out a bit of spam (not too much as I have decent control on that now)
But the messages that were sent out were sent out as a @yahoo.com domain name and obviously that domain does NOT exist on the server. how can this happen and furthermore how do I STOP it from happening. See some relevant headers below Using version 14034 from localhost ([127.0.0.1]:44964 helo=host.myserver.com) by host.myserver.com with esmtpa (Exim 4.82) (envelope-from <spam...@yahoo.com>) id 1WLGrw-003NQj-E0; Wed, 05 Mar 2014 13:48:41 -0500 from mycustomershackeddomain.com ([41.249.164.251] helo= mycustomershackeddomain.com) by host.myserver.com with ESMTPS(AES256-SHA) (ASSP 1.9.9); 5 Mar 2014 13:48:27 -0500 and in the logs of exim <= spam...@yahoo.com H=localhost (host.myserver.com) [127.0.0.1]:44964 I=[127.0.0.1]:125 P=esmtpa A=courier_plain:m...@mycustomershackeddomain.com S=2123 T="Nancy Ruiz" from <spam...@yahoo.com> .bunch of spammed email addresses here.. 2014-03-05 13:48:55 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WLGsA-003NQj-Kf 2014-03-05 13:48:55 1WLGsA-003NQj-Kf SMTP connection outbound 1394045335 1WLGsA-003NQj-Kf mycustomershackeddomain.com spam recipient 1 2014-03-05 13:48:55 1WLGsA-003NQj-Kf SMTP connection outbound 1394045335 1WLGsA-003NQj-Kf mycustomershackeddomain.com spam recipient 2 etc.. How can I stop this behaviour? I thought this might do it, Do Local Address Check for Local Sender (CheckLocalSenderAddress but it does not (so what does that setting actually do??) Thanks John ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
