Re: [exim] Backscatter Spam Again. HELP PLEASE!

Top Page
Delete this message
Reply to this message
Author: Craig Jackson
Date:  
To: Grant Peel, exim users
Subject: Re: [exim] Backscatter Spam Again. HELP PLEASE!


> -----Original Message-----
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of Grant Peel
> Sent: Thursday, March 06, 2008 7:49 AM
> To: ??? Bill Hacker; exim users
> Subject: Re: [exim] Backscatter Spam Again. HELP PLEASE!
>
> Hi all,
>
> Interesting replies.
>
> I *think* that a few of you *might* have mesread, or misunderstood my
> problem:
>
> My servers are being seen as the SOURCE of the spam. That is
> to say, my
> servers are being bombarded with messages that have a non
> existent user,
> then, my server bounces the mail to many recipients.
>
> I must admit, that I am suprised that none of you *seem* to
> have had to deal
> with this exact same issue...or am I missing something? I
> hope it does not
> mean that my configuration is so bad ...
>


Why don't you perform several useful checks of the email before checking
for a valid recipient. That's what I do. Checking valid recipient is the
last thing I do in the rcpt acl. For instance...

1) If the sending domain is a popular domain such as Yahoo, the IP
address is checked against the CIDR blocks that I know Yahoo sends from.
If the IP doesn't match, the email is tagged as spam and made to wait a
short length of time.

2) The IP address is checked against a list of naughty CIDR address
blocks, and tagged as spam and made to wait a bit of time weighted based
as to how naughty that network is.

3) Then there are the spamhaus/spamcop checks.

Etc.

The idea here is to make spamming as painful as possible for the spammer
before the message is finally rejected due to invalid recipient. Maybe
I'm off base here.

These basic checks along with the ones WBHacker suggests -- before the
recipient check -- will probably solve your problem. Unfortunately, I
don't know how to do what you actually ask, which is turn off bounces in
favor of a flat out rejection. I would not do that anyway because
bounces are a good thing.

Craig