Hi Everyone -
I'm not sure where this post belongs, so I will post here first.
We took on hosting for one of our members mid-week last week, and there is a
problem going on. Before the changeover, they complained that one of the
users, in particular, was getting a TON of spam with their old host. I
proudly said "no problem" as we have things clicking very nicely now with
our setup.
Well, the switch has been made and said user does not get the spam he was
getting before. However, I'm seeing it in that Declude/Sniffer/etc is
catching it. The stuff he was referring to as "spam" is bounced messages
from other people. Either his email address has been hi-jacked, or his
computer has as the bounced messages are coming in that say the message from
"Wrong Name <[EMAIL PROTECTED]>" could not be delivered. The trail after
that shows that they are definitely spam. I have been looking through the
logs and can't see for sure that the originating message is coming through
our server (I haven't spent hours looking at the logs). So I can't say for
sure that he is sending it through us. But I'm worried about ending up
blacklisted for sending this crap.
I have asked the end-users to thoroughly scan his computer for problems, and
fix if found. There is no on-site tech, so they asked about changing the
email address. While I'm not opposed, if it is in fact his computer then
that won't make much difference.
Am I missing anything? Is there any better way to troubleshoot that you can
think of? None of the other users on his domain are seeing this, and I have
not seen this type of traffic from any of the other users we host mail for.
For what it's worth we are using Imail 8.22 (with ALL patches), the latest
version of Declude, Sniffer, and invURIBL 2.7 - all running on Windows 2003
Server.
I appreciate any thoughts or direction on this.
Thanks!
Todd
[EMAIL PROTECTED]
