well, you still have to recieve the email to route the mail to /dev/null,
but if you use the baddcptto (http://patch.be/qmail/badrcptto.html) patch,
it will do the job even before you get the body of the message. it's stable,
I am using it (and some functionality there is written by me) for a long
time.
----- Original Message -----
From: "Matt Simerson" <[EMAIL PROTECTED]>
To: "'Scott Ramshaw'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, July 17, 2001 11:28 PM
Subject: RE: spammers forging From: addresses
> I fixed this the easy way. Instead of deleting the offending account I
> disable and and route all the mail for that domain to my "special" mailbox
> for spam (/dev/null). This is _much_ less expensive than bouncing the
> messages.
>
> Matt
>
> > -----Original Message-----
> > From: Scott Ramshaw [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 17, 2001 2:25 PM
> > To: [EMAIL PROTECTED]
> > Subject: spammers forging From: addresses
> >
> >
> > I'm having a serious problem and I'm sure I'm not the only
> > one. I run
> > a free email service using vpopmail, sqwebmail etc and these spam
> > $#%#@%$ keep signing up for an account then proceeding to send immense
> > amounts of SPAM (not through my server, mostly through open
> > third party
> > relays), I mean tens of thousands of SPAMs with a forged From: address
> > from my domain. Usually I spot them quick and delete the account, but
> > that doesn't stop my server from receiving and processing
> > literally tens
> > of thousands of bounced emails due to these fools forging the From:
> > address from my domain. If there was a badmailto like there is a
> > badmailfrom in qmail, that might speed up the denial but currently it
> > has to process the message, sees that the account doesn't exist, then
> > it does the double bounce then discards it. Also is this behavior in
> > compliance with the email RFC's? Should MTAs be bouncing mail back to
> > me even though it didn't originate from my server? Seems
> > like is a DOS
> > attack waiting to happen (well it's happening to me, but it could be
> > done on a larger scale.)
> >
> > Has anyone found a fix for this issue? Please don't suggest to track
> > down the spammers and get them to stop forging because that
> > is a cat and
> > mouse game, I need to curb the entire bounced email issue. Even
> > something like a badmailto that would immediately just drop
> > the message
> > if the To: address matched would be great if anyone has
> > hacked qmail to
> > do so.
> >
> > Open to any suggestions,
> > Scott R
> >
> >
> >
> >
>
>
>
