Date: Thu, 29 May 2003 01:58:05 -0400 From: Chuck Swiger <cswiger@mac.com> To: Kirk Strauser <kirk@strauser.com> Cc: freebsd-questions@freebsd.org Subject: Re: Spammers forged my address - help unbury me from bounces? Message-ID: <3ED5A16D.8050909@mac.com> In-Reply-To: <87el2ixt2v.fsf@pooh.honeypot.net> References: <87el2ixt2v.fsf@pooh.honeypot.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Kirk Strauser wrote: > Some jackass(es) sent a bunch of spam with forged From: headers referring to > non-existent accounts on one of my domains. Consequently, I've been getting > about 20,000 bounce messages per day to Erin@honeypot.net, > Michelle@honeypot.net, etc. What's a good way to handle these? Don't accept the messages in the first place; that way, your machines won't have responsibility for trying to bounce the messages later on. [ ... ] > if ($user == 'Erin' or $user == 'Michelle') > { > send 550 to remote server > do nothing else at all > } You don't mention which mail server you are using, but if you haven't changed the default FreeBSD MTA, add something like: erin@honeypot.net 550 I don't want this mail! michelle@honeypot.net 550 I don't want this mail! ...to /etc/mail/access and do a "make" in /etc/mail. [ ...slightly disordered, but hey... ] > If I don't set up any aliases for those users, then I get bounce messages > from my own mailserver telling me that it couldn't deliver the original > bounce messages to the fake usernames. You could also add something like this to your .mc file: define(`confDOUBLE_BOUNCE_ADDRESS', `nobody')dnl ...to suppress the double-bounce mail being generated. -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ED5A16D.8050909>