Re: Spammers using a non-existant address as return-path
We have the same problem here. Someone has been using our domain name
in their headers since January. At times, we were getting a few
thousand bounces from mail to over-quota or non-existant accounts.
I added the following line to my exim.conf
receiver_try_verify = true
This results in an immediate error result to the RCPT command if the
user is unknown. I run a script to grep for these errors in the log
file just after they are rotated so I know how many of these messages
were rejected in the last 24 hours. Currently, there are up to 100
messages a day that get rejected this way.
Once in a while, I accept the messages and comb through them to find
valid headers, but there is a startling number of USELESS error messages
(ie. only From, To, Date, and Subject of bounced message).
On Mon, Nov 25, 2002 at 10:38:10PM +0100, Kjetil Kjernsmo wrote:
> I have just received a spam complaint, and unfortunately, some spammers
> have been using an address on one of my domains in their Return-Path
> and From-headers. How nice of them :-( . This address has never
> existed. I'm using the Exim packages from Woody.