Date: Thu, 16 Jun 2005 13:07:01 -0600 From: Allan_Ross@gov.nt.ca To: freebsd-questions@freebsd.org Subject: Spam sender using domain name as spoofed source Message-ID: <H0000d540b65ec1c.1118948821.arctic42.gov.nt.ca@MHS>
next in thread | raw e-mail | index | archive | help
I have a FreeBSD machine that I set up, mostly to learn more about the ins and outs of *nix based servers. As such I run sendmail on it and Apache to host a small web site. I registered a domain name as well. Things have gone fairly smoothly and without incident until recently. The server is suddenly receiving thousands of email a day, from postmasters! It appears that some spam lord has decided that my domain would bea good one for spoofing as the sender address of his garbage. Every one of his spam messages that generates an error message (user does not exist, mailbox full, spam blocking programs, etc) sends the reply to MY SERVER. Now this would normally not be a big deal as I could simply filter for this stuff and toss it to /dev/null as it comes in, but I am on a broadband connection with a 10GB monthly limit and this traffic added onto my regular monthly traffic, is pushing me well over the 10GB mark and it is costing me money. For now, I have shut down sendmail externally just to stem the flow, but is there a solution for this? How can I prevent the delivery of these messages so that I don't get a traffic at all? Or am I pretty much stuck with either tossing my domain name or shutting down mail services? Any help or guidance appreciated!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?H0000d540b65ec1c.1118948821.arctic42.gov.nt.ca>