Author: exim user
Date:
To: exim-users
Subject: Re: [exim] Seeking advice how to deal with spam faked to appear as coming from my domain

Arrrrgh, many thanks for opening my eyes on that. I'm glad about exim's
ACLs, so most of the spammers/virusbots were blocked before my machine
spread dumb bounces.
You're right, I have to retire these routers immediately.
But then: How can I achieve my policy, to
1. Deliver unknown recipients' mail to postmaster
2. Send a bounce to the sender, copy of it to postmaster
from my check_rcpt acl?
If anyone is able to answer this, I will change the topic.
In my case, the long faked spam file is now closed.
Thanks
sebastian

On 16.11.2005 at 22:16, "Fred Viles" wrote at <fv+exim@???>:
>
> ....
> Since the message gets accepted, this router causes *delivery* to
> fail, which results in the DSN (bounce) messages that you see frozen.
> It is also presumably causing your server to generate and
> successfully deliver collateral spam to innocent third parties whose
> valid addresses are forged as the senders of spam and malware
> delivered to your system.
>
> (tests it...)
>
> Yup. And since you return the full incoming message in the DSN, you
> are running an abusable open relay. This will probably get you
> blacklisted in due course.
>
>
> You should also delete the last router. I can't emphasize that
> enough. You should *not* be generating bounces for messages you did,
> after all, accept and deliver (to postmaster).
>
> - Fred