On Mon, 14 May 2018 at 11:32, Jasen Betts via Exim-users <
exim-users@???> wrote:
> On 2018-05-14, Mark Elkins via Exim-users <exim-users@???> wrote:
> > Someone is using "please@???" as the source of spam e-mail. The
> > address does not exist...
>
> step 0: publish an SPF record.
>
Umm… This would help authenticate *outgoing* mail, but from the sound of it
(here and in a later message) Mark is seeing *incoming* Non-Delivery
Reports coming back *into* his <please@???> address. So an SPF
record isn't likely to help block these as his domain won't be in the
RFC5321.MailFrom address or the HELO string (used, if memory serves, when
the RFC5321.MailFrom is <> such as for Non-Delivery Reports).
You're perhaps looking at BATV
<
https://en.wikipedia.org/wiki/Bounce_Address_Tag_Validation> instead so
you can discard invalid NDRs coming back as backscatter spam. But that
would be a longer term solution rather than a quick fix to address (if
you'll pardon the bijou pun-ette) the current address problem he's seeing.
Cheers,
Mike B-)
--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811
Web:
www.york.ac.uk/it-services
Disclaimer:
www.york.ac.uk/docs/disclaimer/email.htm