Thanks.
Headers of SPAM emails show that emails are at times delivered directly to our email server
MX record for Email server is must to act as back up in case of SMTP gateway failure.
Solution being used is from Symantec.
<snip>
Sending mails directly to the backup MXs, instead of the primary one, is a very popular way amongst spammers to avoid spam detection. The gist is that they know that this is a very common setup - primary MX has spam filtering and the backup MXs don't and, frequently, the primary MX accepts mails from the backup MXs blindly, i.e. they trust the backup MXs and don't filter mails from the backup MXs. Also, backup MXs generally don't check for the existence of user accounts [unless you have call forwards enabled] or quota limitations, so they accept any/all mails for a domain blindly.
Spammers exploit this setup and send mails directly to the backup MXs.
Solution: Run spam/anti-virus filtering on all publically exposed MXs.
-- Regards, Varun Varma --------------------------------------- Mindframe Software & Services Pvt. Ltd. http://www.mindsw.com ---------------------------------------
_______________________________________________ ilugd mailinglist -- [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[EMAIL PROTECTED]/
