Re: Spam problem!
On Mon, May 29, 2006 at 03:04:42AM -0700, Garrett Cooper wrote: SMTP with SSL/TLS and authentication for a network works wonders.. I'm not talking about _my_ users sending mail, I'm talking about mail _to_ my users :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
On Thu, May 25, 2006 at 07:53:12AM -0700, Olga Zenkova wrote: mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Just show them Envelope-To: header in Outlook :-) At least my users can understand, that it is possible to write anything in various header. Also I use DSPAM (mail/dspam) for opt-in spam filtering and it works very well for users who care to train it. Plus I reject a lot of spam at incoming SMTP server. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
Igor Robul wrote: On Thu, May 25, 2006 at 07:53:12AM -0700, Olga Zenkova wrote: mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Just show them Envelope-To: header in Outlook :-) At least my users can understand, that it is possible to write anything in various header. Also I use DSPAM (mail/dspam) for opt-in spam filtering and it works very well for users who care to train it. Plus I reject a lot of spam at incoming SMTP server. SMTP with SSL/TLS and authentication for a network works wonders.. blocks many unauthorized programs that utilize locally run SMTP servers (ie spyware, virii, etc). -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
Spam?i love spam :) it's very yummy on wheat bread and it's even better if you add egg and cheese :P === Gil A. Virtucio Janitor/Kolektor/Messenger/Driver Asia Solution Phillippines Inc. 28/F Antel Global Corporate Center 3 Doña Julia Vargas Avenue, Ortigas Center, Pasig Mobile # : +63-916-3989695 === On Thu, May 25, 2006 at 07:53:12AM -0700, Olga Zenkova wrote: mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Spam problem!
I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Thanks! Olga Zenkova __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
Olga Zenkova [EMAIL PROTECTED] wrote: I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Spam prevention is a _huge_ topic. Mainly because everything and anything you do to try to prevent spam, spammers will work to circumvent. I would suggest lots and lots of reading on the problem. Research spamcop, spamassassin, greylisting to start, plus any links that those point you to. You've got a lot of work on your hands to understand the problem and effectively prevent it. Alternatively, you can purchase a commercial solution. There are many appliances available. Or you could hire an experienced consultant to set up spam blocking on your existing server. Good luck. -- Bill Moran Time for some thrilling heroics. Jayne Cobb ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
There are many ways to combat spam. One of the easiest is to use mailscanner in the ports. You can configure mailscanner to compare senders against known lists of SPAMers, in addition to it's own rules. -Derek At 09:53 AM 5/25/2006, Olga Zenkova wrote: I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Thanks! Olga Zenkova __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
Derek Ragona wrote: There are many ways to combat spam. One of the easiest is to use mailscanner in the ports. You can configure mailscanner to compare senders against known lists of SPAMers, in addition to it's own rules. -Derek At 09:53 AM 5/25/2006, Olga Zenkova wrote: I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Thanks! Olga Zenkova __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. Ohh, this reminds me of my ISP tech support days. Having to explain to illiterates what a BCC is ... Yeah, I think even sendmail has a mail filter available if you want to configure it. There are many anti-spam methods available at the server. I recommend finding one with greylisting built in ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
On Thu, May 25, 2006 at 07:53:12AM -0700, Olga Zenkova wrote: I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. I can advise you to use mail/spamass-milter for you mail server. If your clients gain there mail though pop3 then you can use mail/p5-Mail-SpamAssassin as a (getmail) filter. It realy realy good. I only had one false positive once. You can reject spammails if you like. Don't send bounce messages since these will not end up with the spammers but those who abuse the email adress. -- Alex Please copy the original recipients, otherwise I may not read your reply. Howtos based on my personal use, including information about setting up a firewall and creating traffic graphs with MRTG http://alex.kruijff.org/FreeBSD/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Spam problem!
Adrian Pavone wrote: Derek Ragona wrote: There are many ways to combat spam. One of the easiest is to use mailscanner in the ports. You can configure mailscanner to compare senders against known lists of SPAMers, in addition to it's own rules. -Derek At 09:53 AM 5/25/2006, Olga Zenkova wrote: I use sendmail 8.13.3 and gather full log of its work. I see such strings in it: RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user1domain.com... Recipient ok RCPT TO: [EMAIL PROTECTED] 250 2.1.5 user2domain.com... Recipient ok DATA To: [EMAIL PROTECTED] where user1, user2 - users names domain.com - domain name After that user1 and user2 get spam letters to their mailboxes with field To: user3 in it. There are no user1 or user2 in this field. Is it possible to cut off these letters? Especially it is difficult to explain for user1 and user2 why they got letters addressed not for them. Thanks! Olga Zenkova __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. Ohh, this reminds me of my ISP tech support days. Having to explain to illiterates what a BCC is ... Yeah, I think even sendmail has a mail filter available if you want to configure it. There are many anti-spam methods available at the server. I recommend finding one with greylisting built in I had to get rid off greylisting (even though it sounds wicked). It took me a few months to realise that some legitimate mail was getting lost due to senders' weird configuration on SMTP level. Also sometimes I was getting very long delays and it was unacceptable by the users. I use a mix of sendmail, spamass-milter and spamassassin. It quietly accepts spam and delivers it marked as such but never bounces. It does a great job, can't complain, but 1% manages to get through from time to time. Also, once in awhile legitimate mail gets marked and this is where whitelisting comes in handy. Cheers, Mikhail. -- Mikhail Goriachev Webanoide Telephone: +61 (0)3 62252501 Mobile Phone: +61 (0)4 38255158 E-Mail: [EMAIL PROTECTED] Web: http://www.webanoide.org PGP Key ID: 0x4E148A3B PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SPAM Problem
Aaron Siegel wrote: Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? Thank you Aaron What you can do to partially combat this problem is publish SPF records for your domain. That will cause spam filters on cooperating mail servers to drop email claiming to be from you that comes from anywhere but one of your mail servers. Since the messages will be dropped, they won't generate notices of non-delivery. I guess this assumes that the mail servers that generate the non-delivery notices check SPF records on inbound mail, which on reflection doesn't seem too likely, but it might help a little. If this kind of problem bothers you you can also configure your own mail server to check SPF records on inbound mail. This won't directly address your problem but it does reduce the effectiveness of joe-jobbing as more and more people do it. -- Danny MacMillan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [OT Re: SPAM Problem]
Greg Maruszeczka wrote: It's probably blowback resulting from the activities of worm-infected windows hosts. Someone you correspond with got infected and the worm subsequently propagated itself by picking your name from their address book and inserting it into the from: header of the message carrying the worm. Then, badly configured MTAs send helpful NDRs to the sender informing them that they're messages couldn't be delivered Pretty routine, really. In 2005.01 we have got 48605 bounce messages (instead of 4-10, our clients prefer to call phone) to our help desk email and I was _forced_ to close this address with semi-helpful message after RCPT TO: command about new address. Now I reopened address and we get normal number of spam messages at it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [OT Re: SPAM Problem]
On 07/23/05 05:11 PM, Greg Maruszeczka sat at the `puter and typed: Aaron Siegel wrote: Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? It's probably blowback resulting from the activities of worm-infected windows hosts. Someone you correspond with got infected and the worm subsequently propagated itself by picking your name from their address book and inserting it into the from: header of the message carrying the worm. Then, badly configured MTAs send helpful NDRs to the sender informing them that they're messages couldn't be delivered Pretty routine, really. Sorry I missed the OP, but this is something pretty much everyone sees at one time or another. I got to the point where I was receiving around 200/day before I started seeing myself in Joe-Jobs. Basically, they want a shot at getting through those servers that simply require a valid email address in the From: header. I find it ridiculous that these mail servers simply bounce it to that address rather than simply interpreting the headers and sending it back to abuse/postman/admin at the originating relay. This would certainly bring it to the attention of the very few people with the ability to stop the email coming. In the meantime, I'm afraid there's not much you can do unless you want to track that relay down yourself. Even if you find it, most times it's out of your reach (different country, etc). And if you do find it and it's coming from the next town over, it's not like the authories will want to convict anyone of identity theft - they still tend to go for the low hanging fruit, so best case scenario is you can get the ISP to shut them down until they find another provider. Maybe (big maybe) the ISP will sue them, but you don't get anything for your effort but the satisfaction that they got burned. I eventually shut down the domain I was getting so much spam at. I recently turned it back on after 6 months of downtime and immediately started getting over 40/day. Looks like some spammers never pare down the lists they sell. The only thing you can really do is install spam filters (like ports/mail/p5-Mail-SpamAssassin) so you don't have to look at it. Just make sure your address isn't whitelisted. Lou -- Louis LeBlanc FreeBSD-at-keyslapper-DOT-net Fully Funded Hobbyist, KeySlapper Extrordinaire :) Please send off-list email to: leblanc at keyslapper d.t net Key fingerprint = C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2 I do desire we may be better strangers. -- William Shakespeare, As You Like It pgpYYeMGakZes.pgp Description: PGP signature
SPAM Problem
Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? Thank you Aaron ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SPAM Problem
At 11:37 AM 7/23/2005, Aaron Siegel wrote: Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? Spammers do that quite frequently. Unfortunately there's nothing that you can do about it. However, I have noticed that the spammers don't use an email address like that for very long. Typically only a couple of weeks before they move on to another. -Glenn Thank you Aaron ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[OT Re: SPAM Problem]
Aaron Siegel wrote: Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? It's probably blowback resulting from the activities of worm-infected windows hosts. Someone you correspond with got infected and the worm subsequently propagated itself by picking your name from their address book and inserting it into the from: header of the message carrying the worm. Then, badly configured MTAs send helpful NDRs to the sender informing them that they're messages couldn't be delivered Pretty routine, really. G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [OT Re: SPAM Problem]
On 7/23/05, Greg Maruszeczka [EMAIL PROTECTED] wrote: Aaron Siegel wrote: Hello This message is off topic but I was not sure were else I can go to get help with my problem. For the past week I have been receiving messages from various mail servers which have bounced messages I have not sent but have my email address as the originator of the bounced message. I believe there are some SPAMers using my email address on their SPAM. I would really like to avoid changing my domain name. Has anyone experienced this problem? Is there something I can do? It's probably blowback resulting from the activities of worm-infected windows hosts. Someone you correspond with got infected and the worm subsequently propagated itself by picking your name from their address book and inserting it into the from: header of the message carrying the worm. Then, badly configured MTAs send helpful NDRs to the sender informing them that they're messages couldn't be delivered Pretty routine, really. G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Yeah, that should, for the most part blow over is a few weeks. In the mean time just filter to the trash. If it to big of problem, you can always delete the NDR's from your mailbox using a script on a cron job. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]