On Fri, Sep 14, 2001 at 10:56:31AM -0700, Ian LeBlanc wrote:
> Ok is there any patches that allow me to specify FULL from addresses that
> the server when it recieves them trashes the email.
> Example..
There is no need for patches to do this -- badmailfrom already does
this. man qmail-smtpd. However, that won't stop the typical spammer, who
does something like this:
MAIL FROM: <>
RCPT TO:blah1
RCPT TO:blah2....
From: [EMAIL PROTECTED]
Subject: Make Money Fa$t
To: Valued Client
Here is some spam.....
The right way to prevent this sort of junk is not to allow relay for the
kind of folks who do this...
>
>
> Someone is generating spam on my server and sending out from [EMAIL PROTECTED]
> the mail box [EMAIL PROTECTED] DOES NOT exist but the server sends it out
> anyways..
So you're being used as a spam relay -- what do the logs say? Tying
qmail-smtpd and qmail-send logs together should make tracing this down
to the originator easy....
>
> I am talking MILLIONS of emails... I can not track where they are
> generating the mail
> from but it is now causing us a lot of trouble as ISPs are starting to
> block our server
> and I in the meantime get hundred thousand bounce messages.
>
> We are actually now considering changing MTAs because there seems to be no
> fix for what is going on and we see that as a problem.
That is concerning... Odds are, you're allowing relay to whomever is
doing the spamming, for one of the following reasons:
1. A script on the server (often web-based) allows outsiders to relay.
This is easy to fix short-term -- disable the script. :)
2. You've misconfigured RELAYCLIENT, allowing all* IP addresses relay
access.
*Or incorrect, possibly.
3. The spammer is a customer of yours or employee of yours, and you're
allowing him to relay.
Please let us know what the logs say...
GW
