Re: [exim] Seeking advice how to deal with spam faked to app…

Inizio della pagina
Delete this message
Reply to this message
Autore: Aaron Stromas
Data:  
To: exim-users
Oggetto: Re: [exim] Seeking advice how to deal with spam faked to appear as coming from my domain
Cliff Pratt wrote:

>On 11/14/05, Aaron Stromas <ams@???> wrote:
>
>
>>Greetings,
>>
>>Some S.O.B. is sending spam faking the sender to be from my domain,
>>izoard.com <http://izoard.com>, so the postmaster get all that mail
>>bounced by spam filters
>>(see below). Is there anything I can do about it?
>>
>>A related question, given the IP address od the sender, which does not
>>the purported sender's DNS, I'd expect the filter to be a little smarter
>>in bouncing spam, realising that the sender's email domain id faked. Or
>>am I missing something?
>>
>>
>
>
>No, there is nothing that you can really do about it. The messages are sent
>by mail servers set up to bounce SPAM emails to the purported sender, which,
>as you have seen, results in you getting bombarded with invalid SPAM
>reports.
>

I was afraid of that. :(

>On the other question, there is nothing wrong with the message that your
>mail system receives from the reporting mail system. The remote system is
>sending a valid email from postmaster@??? to
>Charlotte.Elmore@??? which is being delivered to your postmaster.
>Both ends valid. No problems there.
>

I understand that, just wondered how spam filers are configured. I
suspect most mail admins just accept defaults, and wondering if those
defaults could be smarter. No offence to anyone, I'm not very
knowlwgeable about Internet mail, so feel free to ignore if it makes no
sense.

>The sending mail system *is* badly set up to send bounce messages to the
>purported sender which is almost aways faked. I'd make the postmaster at
>ns1.netwain.com <http://ns1.netwain.com> aware of the repercussions his
>bounce policy, but you will almost certainly get ignored (unless the mail
>admin has half a clue).
>

Judging by how much mail of his kind I started getting, he's got plenty
of company :)

What could I do not to be among them, i.e., how to configure exim
configuration not to bounce to faked sender addresses? As I said, I'm
not exactly knowlegeable.

TIA,

-a

>Cheers,
>

I'll try... :)

>Cliff
>
>



-- 
Aaron Stromas          |     "Tik-tik-tik!!!... ja, Pantani is weg..."
mailto:ams@izoard.com  |                          BRTN commentator
+1 (301) 493 4933      |                          L'Alpe d'Huez
http://www.izoard.com  |                          1995 Tour de France