Re: [Exim] Bounce messages against me

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Leonardo Boselli
CC: exim-users
Subject: Re: [Exim] Bounce messages against me

On Mon, 18 Feb 2002, Leonardo Boselli wrote:

> Some #@%@ from USA had a "brilliant" idea.
> Using a dialin account he sent a lot of [ads] and [spam] messages
> using as sender address some casual numbers attaching my
> domain. ( for example 0123fee54323@??? ) .


This is not a new idea. Spammers forge other people's domains all the
time to eitehr hide their own identity, or to cause grief for the owners
of those domains. How they choose what domains to use, I have no idea.

> Of course most of these messages did bounce since in a spam
> mass mailing there are a lot of wrong addresses. I end having in 4
> (real spam messages)+about 40000 delivery failure messages from
> the 5 continents.


Set receiver_verify, to at least prevent your server from accepting
messages for (random characters)@dicea.unifi.it (This is presuming you
dont accept "*"@???, which you shouldn't be doing.

> This flooding (still running after 7 letters to abuse@??? )


What do you want Qwest to do? Presumbably these spams have been
delivered to servers all over the world, which are slowly winding
through them and bouncing al the ones that are to undeliverable
addresses, and its very unlikely that Qwest operates all of them, or
even any signifigant number of them.

> often locks my servers that for about 10 minutes do not accept any
> email connection, nat even smtp fron local machine.


You can also set smtp_accept_reserve, to reserve a specific number
of smtp connections from 'local' machines.

> HOW to avoid this ? that is how can i increase the number of
> incoming connections, so even if there are a lot of connections the
> sistem would not refuse ?
> (debian with kernel 2.2.19 and backup with 2.4.17 , both exim 3.33 )
> (note: since i have a lot of users with such "strange" usernames i
> cannot simply bounce it ...)


Yes, you can bounce it. You need a way to determine if a given
localpart@yourdomain is, or is not, a valid address, and you need to
have that defined in your directors, so that exim can reject random
invalid addresses at SMTP time. If you wont do that, then your other
option is to receive and deal with all off the bounces.

You might also wish to save a good sampling of the bounces, preferrably
ones that contain clean full copies of the original spam message
complete with headers, and consult with a lawyer - you may be able to
take action against the responsible party..

>
>
> Leonardo Boselli
> nucleo informatico e telematico
> Dipartimento Ingegneria Civile
> Universita` di Firenze
> V. S. Marta 3 - I-50139 Firenze
> tel +39()0554796431 fax +39()055495333
> http://www.dicea.unifi.it/~leo
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>


--