I turned on the nobody alias for a few minutes, and the messages are actual
bounce messages from postmasters who are getting spam from someone forging
our return address. Very active spammer. Anything we can do?
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
If the bounce messages give you enough header information to track the orignating IP
you can complain to the guy's upstream, but my experience is that most of these guys
these days are using distributed zombie machines and all you end up with is a bunch
IP's of spyware infected residential
A message selected at random (from @nokia.com) had as the last received
from IP one that resolved to the Army National Guard.
Anyway, I'll ask further questions on the Junkmail list, since this is
spam-related, not virus-related.
- Original Message -
From: Donn Bly [EMAIL PROTECTED]
What about just disabling Null senders in Imail?
Of course this means that most Out of office messages will not make their
way into your system but it takes the load off of Declude.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Donn Bly
Sent:
Declude never sees it anyway; never makes it to the queue. It errors
on the RCPT TO: line. With the Refuse Null Senders box checked, it
errors one command earlier, on MAIL FROM. Probably not enough to
make a difference.
Actually, it would be a significant difference under load. But this
Of course this means that most Out of office messages will not
make their way into your system
And you will be doing your users a great disservice by rejecting
hop-one bounces.
And you will get blacklisted.
There is no informed, rational reason to disable all messages from the
null