Bowie Bailey wrote:
R.Smits wrote:
Hello,
Is there something I can do that our company addresses cannot be used
for sending spam ? Is DKIM an answer ?
A lot of our users get "delivery failed" messages. So a spammer is
sending spam with our addresses :-(
A difficult problem I think ?
Greetings... Richard Smits
There is really nothing that you can do to prevent spammers from using
your address. You can do things like DKIM and SPF to attempt to
validate good mail from your domain, but this relies on the receiving
server doing the necessary checks.
We are having the same problem. One of our addresses has been used
consistently by spammers for the past couple of years. Recently the
problem has gotten much worse. This address has received over 57,000
bounce messages in the past two weeks! I now have a rule in my mail
server to detect and drop these messages.
At least _part_ of this problem could be fixed by more sites using a
valid "rcptto" check _before_ they accept the message, rather than
taking any and all messages to their domain, THEN spamming everyone with
rejections.
I used to have hundreds of 'can't send the failure message' messages in
my queue prior to enabling this for most customers. Now it's down to
two or three, at most, from people inside the customer site doing
strange things.
