Posted 30 September 2006 - 01:15 AM
Also, I have catch all email addresses enabled on the domain, would that negate the reverse email thing?
PS> I'm getting bounces right now on SPAM messages that did not come from my server.
Posted 21 November 2006 - 11:42 PM
Best way to do this is through using black list's through something like spam assasin. Try looking at something like spamcop.net 's list. There are loads out there. SpamAssasin is definatly worth looking at.
As to the bounces this is most likley just spamers doing something clever with there headers so it looks like there from your server. Often to fool you into opening them. However if it realy is someone else using your server to send mail this can be a big problem for you, as it could cause your domain to be listed in a black list. This means that anyone using black list checking (an most do) will not be able to receve mail from you. Security and restricaions on out going mail though have become almost as important on the mail accounts themselves.
Posted 22 November 2006 - 12:27 AM
SpamAssassin is great for incoming spam -- doesn't do anything for the fight against spoofing, though.
Posted 22 November 2006 - 09:16 AM
The originating IP address does not match the server IP, so I know it didn't come from anyone on my server
Spamers are clever people! It is possable to make headers look like this. For example you could send an email from your server to me, and with a bit of clever playing it would look like it was sent from my server. What does your mail log say about these sent emails? does it show them as sent by your server? (normaly reprosented by a <= befor the address). Also it is unlikly that they world use your server just to send spam to you. If they are using your server, not just playing with headers, then there may well be multiple sends in your mail log.
If your running something like md5 athentication on your SMTP server it is unlikly there using your server. Do you have users outside your local network using anything other then webmail? If not you can tell your SMTP server to only accept conections from your internal IP range. Would sertinaly stop your problems!
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users