Another real-world situation ....

Over the Xmas break it appears that some spammer decided to use a
non-existent email address from one of my virtual domains as the "reply-to"
address. I had set up SME to send mail to unknown recipients to the admin.

I was out of internet range from 27 Dec to 2 Jan. On 28 Dec the emails
started rolling in, 8000 before I checked my emails on 2 Jan. The problem
was solved quickly by removing the virtual domain, and smtpd_check_rules
rejects ALL mail to that domain.

I thought initially that the SME box had been compromised to be a
spam-relay, but I think it is only a problem with the "reply-to" address
being used.

I actually have a requirement to allow users on that domain to receive
email, so I have now set up the SME to reject mail to unknown users. The
problem now is that I am getting about 5 bounce bounced messages per minute.

So I have added a separate rule to reject all mail to the spammer's
"reply-to" address which has stopped the bounce bounced messages.

Why some spammer has decided to use one of my email addresses as the
"reply-to" address I do not know, but it appears to me that it is probably
because they determined that mail to that address would not bounce.

The moral of the story is to set your mail to unknown users to be rejected,
not delivered to the admin.

Hugh Fox
Sales Director (and part-time IT guy)
www.drcauto.com


--
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
