Date:      Thu, 29 May 2003 01:58:05 -0400
From:      Chuck Swiger <cswiger@mac.com>
To:        Kirk Strauser <kirk@strauser.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Spammers forged my address - help unbury me from bounces?
Message-ID:  <3ED5A16D.8050909@mac.com>
In-Reply-To: <87el2ixt2v.fsf@pooh.honeypot.net>
References:  <87el2ixt2v.fsf@pooh.honeypot.net>

Kirk Strauser wrote:
> Some jackass(es) sent a bunch of spam with forged From: headers referring to
> non-existent accounts on one of my domains.  Consequently, I've been getting
> about 20,000 bounce messages per day to Erin@honeypot.net,
> Michelle@honeypot.net, etc.  What's a good way to handle these?

Don't accept the messages in the first place; that way, your machines won't have 
responsibility for trying to bounce the messages later on.

[ ... ]
> if ($user == 'Erin' or $user == 'Michelle')
> {
>    send 550 to remote server
>    do nothing else at all
> }

You don't mention which mail server you are using, but if you haven't changed 
the default FreeBSD MTA, add something like:

erin@honeypot.net		550 I don't want this mail!
michelle@honeypot.net		550 I don't want this mail!

...to /etc/mail/access and do a "make" in /etc/mail.

[ ...slightly disordered, but hey... ]
> If I don't set up any aliases for those users, then I get bounce messages
> from my own mailserver telling me that it couldn't deliver the original
> bounce messages to the fake usernames.

You could also add something like this to your .mc file:

define(`confDOUBLE_BOUNCE_ADDRESS', `nobody')dnl

...to suppress the double-bounce mail being generated.

-Chuck
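
An added example, not part of the original message: one way to build the /etc/mail/access entries described above from the mail log instead of typing each forged address by hand. The log lines are constructed and only modelled on sendmail's from=/to= records; the function names, the threshold and the regular expressions are assumptions to adapt to your own log format.

```python
import re
from collections import Counter

REJECT = "550 I don't want this mail!"  # reply text used in the message above

# Constructed sample: bounces (null sender "<>") and one ordinary message.
SAMPLE_LOG = """\
May 29 01:50:01 mx sendmail[701]: h4T5o1a1000701: from=<>, size=2310, relay=[192.0.2.10]
May 29 01:50:01 mx sendmail[702]: h4T5o1a1000701: to=<Erin@honeypot.net>, stat=User unknown
May 29 01:50:04 mx sendmail[703]: h4T5o4a1000703: from=<>, size=1985, relay=[192.0.2.11]
May 29 01:50:04 mx sendmail[704]: h4T5o4a1000703: to=<erin@honeypot.net>, stat=User unknown
May 29 01:50:09 mx sendmail[705]: h4T5o9a1000705: from=<>, size=2120, relay=[192.0.2.12]
May 29 01:50:09 mx sendmail[706]: h4T5o9a1000705: to=<Michelle@honeypot.net>, stat=User unknown
May 29 01:50:12 mx sendmail[707]: h4T5oCa1000707: from=<>, size=2044, relay=[192.0.2.13]
May 29 01:50:12 mx sendmail[708]: h4T5oCa1000707: to=<michelle@honeypot.net>, stat=User unknown
May 29 01:51:00 mx sendmail[709]: h4T5p0a1000709: from=<bob@example.org>, size=900, relay=[192.0.2.20]
May 29 01:51:00 mx sendmail[710]: h4T5p0a1000709: to=<sales@honeypot.net>, stat=User unknown
May 29 01:52:00 mx sendmail[711]: h4T5q0a1000711: from=<>, size=1500, relay=[192.0.2.21]
May 29 01:52:00 mx sendmail[712]: h4T5q0a1000711: to=<postmaster@honeypot.net>, stat=Sent
"""

FROM_RE = re.compile(r"sendmail\[\d+\]: (\w+): from=<([^>]*)>")
TO_RE = re.compile(r"sendmail\[\d+\]: (\w+): to=<([^>]+)>.*\bstat=(.+)$")

def forged_targets(log_text, domain, threshold=2):
    """Nonexistent addresses in `domain` that keep receiving bounces."""
    senders = {}      # queue id -> envelope sender
    hits = Counter()  # lower-cased recipient -> number of undeliverable bounces
    for line in log_text.splitlines():
        m = FROM_RE.search(line)
        if m:
            senders[m.group(1)] = m.group(2)
            continue
        m = TO_RE.search(line)
        if not m:
            continue
        qid, rcpt, stat = m.group(1), m.group(2).lower(), m.group(3)
        is_bounce = senders.get(qid) == ""  # bounces carry the null sender
        if is_bounce and stat.startswith("User unknown") and rcpt.endswith("@" + domain):
            hits[rcpt] += 1
    return sorted(addr for addr, n in hits.items() if n >= threshold)

def access_entries(addresses):
    """Format lines for /etc/mail/access in the style shown above."""
    return "".join(f"{addr}\t\t{REJECT}\n" for addr in addresses)

if __name__ == "__main__":
    print(access_entries(forged_targets(SAMPLE_LOG, "honeypot.net")), end="")
```

Only addresses that are both unknown locally and the target of null-sender mail are listed, so a mistyped address in ordinary mail (sales@ in the sample) and bounces to real mailboxes are left alone. Review the output before appending it to /etc/mail/access and running "make" in /etc/mail.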


