Date:      Thu, 25 Sep 2008 09:40:34 -0700
From:      Chris Pratt <eagletree@hughes.net>
To:        FreeBSD-Questions Questions <freebsd-questions@freebsd.org>
Cc:        David Southwell <david@vizion2000.net>
Subject:   Re: Flooded with emails to root -- URGG
Message-ID:  <D90738EF-484A-4EEA-BB3F-E8904B9C88BB@hughes.net>
In-Reply-To: <200809250934.57150.david@vizion2000.net>
References:  <200809250934.57150.david@vizion2000.net>


On Sep 25, 2008, at 9:34 AM, David Southwell wrote:

> Hi
>
> I am running postfix.
>
> Am receiving a flood of emails that appear to emanate from Servers who have
> received spam that has masqueraded root@mydomain as the email source.
>
> Could anyone please suggest the best way of dealing with these. Please bear in
> mind I am not all that familiar with postfix so if anyone feels treating me
> like an idiot and spoonfeeding the actual commands to use I would be most
> appreciative <chuckles>
>

I have no idea what a command would be to stop receipt. Cutting off the
original generation of the emails being spoofed is more to the point.

You may want to look at SPF (openspf.org). If your domain is listed with an
SPF entry in DNS, you become less tempting as a domain to spoof. Over
time, it will all but cease. Once you've created an SPF DNS record, many
servers receiving mail spoofed for your domain will begin to drop it rather
than backscatter emails back to your server.

You should study the information on their site but in a nutshell, you create
a TXT record in DNS that lists your server's IP as the only valid machine to
send mail for your domain. This tells the others to drop emails from other
IPs using your domain. It's relatively effective and painless.
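
Added example, not part of the original message: a Python sketch of how a receiving server evaluates the kind of TXT record described above, limited to the ip4, ip6 and all mechanisms. The record and the IP addresses are constructed (documentation address ranges); check_spf and its "unsupported" result are names made up for this sketch.

```python
import ipaddress

# Constructed record for a hypothetical domain: one sending server, reject the rest.
SAMPLE_RECORD = "v=spf1 ip4:192.0.2.25 -all"

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, sender_ip):
    """Evaluate the ip4/ip6/all subset of an SPF record for one connecting IP."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF record, so the receiver has no policy to apply
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        # A leading qualifier is optional; "+" (pass) is the default.
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        else:
            qualifier = "+"
        name, _, value = term.lower().partition(":")
        if name == "all":
            # Catch-all: "-all" is what lets receivers drop spoofed mail outright.
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            network = ipaddress.ip_network(value, strict=False)
            if network.version == int(name[2]) and ip in network:
                return QUALIFIERS[qualifier]
            continue
        # a, mx, include, redirect= and the like need DNS lookups (not done here).
        return "unsupported"
    return "neutral"  # nothing matched and the record has no "all" term


if __name__ == "__main__":
    for addr in ("192.0.2.25", "198.51.100.7"):  # constructed connecting IPs
        print(addr, check_spf(SAMPLE_RECORD, addr))
```

A record ending in "~all" yields "softfail" for unlisted senders, which many receivers only score rather than reject, so it does less to suppress backscatter than "-all".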



