Lee Christie wrote:
> g) If we block the badhost1.com in our firewall or IDS system all malicious
> email traffic stops.
Doesn't this sort of suggest a solution to you? If they can't manage to
stop being an open relay of some sort, or if one of their customers is
using them as a relay and spamming you, perhaps you should just block
them, and good riddance.
> Conclusion:
> a) Is there anybody out there that has had an experience like this before?
No, I've had something even more annoying; Someone was spamming AOL,
with a faked return address at my domain (a commercial site I worked
for.) So people who couldn't manage to properly read the header (IE,
just about every AOL user) would send us mail blaming us (if they were
smart enough to mail root, postmaster, or abuse.) The problem is that
the only way to stop it was to block mail from AOL; We got all the
bounces, too, because AOL's mail system isn't too bright either.
> b) We have contacted the owner of the badhost1 they supposedly turned off
> relaying.
If they had, then you shouldn't be getting spammed.
Or, it's someone inside their organization (for some value of inside)
who is sending you the spam.
Meanwhile, your mail system still has to batch mail for local users
before it can deliver it. It's simply generating so much that it's
getting clogged.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
