[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Spammers using a non-existant address as return-path

Dear all,

I have just received a spam complaint, and unfortunately, some spammers 
have been using an address on one of my domains in their Return-Path 
and From-headers. How nice of them :-( . This address has never 
existed. I'm using the Exim packages from Woody. 

For quite some time, I have seen it show up in my server logs, I'm 
rotating them too often, I guess, and I don't remember exactly what I 
have seen long ago, but recently I have seen things like:
2002-11-15 01:48:08 verify failed for SMTP recipient 
denis6012563@skepsis.no from <> H=mta458.mail.yahoo.com 

I allow VRFY, and most of these come from yahoo.com or hotmail.com, I 
guess that has to do with spam filters they use. This address is 
probably getting a lot of bounces, which is then bounced off my server, 
and I don't want to waste my resources with accepting those, all in all 
I want to conserve as much as I can.

But, is there something I _should_ do in this situation, like including 
some text in the bounce saying that this address has never existed, and 
is being abused by spammers? If yes, _how_ should I do it?

I hope this is the right forum to ask... 


Kjetil Kjernsmo
Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer
kjetil@kjernsmo.net  webmaster@skepsis.no  editor@learn-orienteering.org
Homepage: http://www.kjetil.kjernsmo.net/

Reply to: