Re: [exim] Forged FROM

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] Forged FROM
Yan Seiner <yan@???> (Do 28 Jul 2016 19:48:18 CEST):
> Hi everyone:
>
> I'm not sure what, if anything can be done about my situation. One spambot
> is forging my email address and IP in their FROM headers, so my email server
> is getting hammered with bounces.


> I don't think there's anything I can do except ride this out but it's really
> starting to annoy me. Since I never see the original emails, only the
> bounces with the forged FROM info, I can't even figure out where this is
> coming from.


You can configure BATV (bounce address tag validation), this way you can
tell which bounce is in response to one of your mails and which bounce
is in response to a faked message.

Check the spec file for BATV and PRVS.

https://en.wikipedia.org/wiki/Bounce_Address_Tag_Validation

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -