The way to stop being a relay is to turn off relaying in your MTA, not
to try to packet-filter connections from known spammer IP addresses. By
turning off relaying, you refuse to deliver emails with _email_
addresses (not IP addresses) that do not correspond to specific domains
that you want to deliver for (e.g. mycompanyname.com,
mycompanyothername.com).
Michael
rac wrote:
>
> Hi fellow geeks:
>
> I rarely post here and only do so if I have an issue that I've not seen
> very much on. The issue is one of my customers having a mail spammer that
> won't stop. This person is using the firewall as a mail relay spamming
> others while showing the source address of the spam as the firewall's IP
> address.
> One of the solutions I have suggested to them is to put in deny rules
> blocking all of the known IP addresses that he/she is coming from. They
> eventually have entered rules blocking a whole class A sub-net because the
> spammer keeps changing his IP address. They also have been on the "Black
> Hole" spammers list since April and can't do enough to get off of it. BTW,
> has anyone ever heard of the "Black Hole" spammers list? I have heard of
> others but not this one.
>
> I have checked into the vulnerabilities list and their NT mail server is up
> to date on patches.
>
> Anyone have any ideas/suggestions as to what other steps could be done?
>
> regards,
> RAC
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
