From Matthew Hill, received 18/7/02, 6:39 am -0700 (GMT): > How do you make some one stop forging mail? I have a spammer who > is forging our domain. I am still getting 100's bounces to unknown > users. I have removed the unknown account. Is there a way to make > them stop using our domain name?
Many spammers nowadays use spamware that rotates headers including the Return-Path, so each spam will forge many different domains. They generally don't just forge one Return-Path domain because that would bomb the domain with millions of bounces and the domain owner might sue, so the rotation forges lots of domains in rotation to spread the bounces (and flames) around. You're lucky you're just getting 100's of bounces instead of 100's of thousands. There's nothing you can do about it except sue the spammer if you can find him. (if you're in California and the spammer is in California then the California Attorney General's Office wants to hear from you) On the CommuniGate Pro list I asked Stalker to consider an 'anti-bomb' feature for CommuniGate Pro that would enable CGP to drop and temporarily deny the SMTP listener to any IP trying to submit multiple mailer-daemon bounces (Return-Path:<>) in rapid succession. -- Steve Linford Ultradesign Xtreme Network http://www.uxn.com ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
