You cant do anything to stop blocking them from being forged and sent, but there are things you can do to help notify other ISPs what servers are authorized to send mail for your domain, so that they can use smarter methods to block and allow SPAM. For example, you can use a Sender Policy Framework record in your Domain headers. Some recipient servers have different rules on whether they just drop or return SPAM, dependant on detection method.
IF similar methods are already being done, and the messages are being sent back to you after being blocked, and getting flooded with the bounce messages, probably not much can do, other than to set up a temp rule to drop those specific bounce message group. Tom DeReggi RapidDSL & Wireless, Inc IntAirNet- Fixed Wireless Broadband ----- Original Message ----- From: "Kurt Fankhauser" <[email protected]> To: "'WISPA General List'" <[email protected]> Sent: Wednesday, December 30, 2009 10:31 AM Subject: [WISPA] domain spam attack - JoeJob > Does anyone have any experience with having an attack done on your domain > where the sender spoofs the header and then puts your domain in it as the > sender. I think this is called a JoeJob and we are getting 1000's of the > bounced messages because of it and are now having difficulty sending to > some > of the bigger email providers like aol, yahoo, and hotmail. I tracked the > originating IP down to somewhere in Asia and reported them to the holder > of > the Whois information there. Anything else I can do? > > > > Kurt Fankhauser > WAVELINC > P.O. Box 126 > Bucyrus, OH 44820 > 419-562-6405 > www.wavelinc.com > > > > > > > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: [email protected] > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ > > > -- > Internal Virus Database is out-of-date. > Checked by AVG. > Version: 7.5.560 / Virus Database: 270.12.26/2116 - Release Date: > 5/15/2009 6:16 AM > > -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
