Thus said Kimball Larsen on Fri, 21 Apr 2006 09:03:28 MDT: > So, until recently, we have had very little problem, but in the last > =20 few weeks some spammer(s) have gotten hold of our business domain > and =20= are using it to spoof return addresses, thus slamming my > systems with =20= hundreds of bounced messages/day.
Are these bounces for legitimate users or are they just picking random names @yourbusiness.com and spamming those, which in turn get the bounces? > First up is Sender Policy Framework (SPF) (1). I actually had not =20 > heard about this until today when I started researching this problem, > =20= and have already heard relatively strong opinions on both sides > about =20= whether SPF is a good or bad thing. Bad and also not likely to help in this case, see my reply to Hans. > Next is Domain Keys (2). This sounds promising, but also a bit =20 > daunting to set up correctly. Better than SPF, but still not likely to help you in this situation. What exactly is the concern with these bounces? Are they causing legitimate email to be delayed? Are they being sent to real email addresses and thus affecting your users productivity? Are they causing your mail server to get overloaded? Bandwidth? Answers to theses questions can help in determining the proper solution. Andy -- [-----------[system uptime]--------------------------------------------] 10:47am up 19 days, 2:09, 1 user, load average: 1.00, 1.01, 1.00 /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
