Hi Jeremy! On Thu, Mar 30, 2023 at 05:03:47PM +0800, Jeremy Ardley wrote: > > On 30/3/23 16:30, Julian Gilbey wrote: > > I'm getting a significant number of spam messages being sent to my MTA > > (exim) for the address FRPJXbKeKuek at sport.qc.ca, and now I'm > > starting to see some sent to www-data at aether.toine.be. What is > > disturbing is that the machine is on a local network, and my > > internet-facing router does not forward anything to this machine. So > > I presume that these mails are originating from the machine itself. > > The first problem I see is you have just published the internal DNS name of > a machine in your local network.
To clarify: these are the addresses that the email was addressed to. They have absolutely no relationship with my personal network(s), hostname(s) or personal email addresses. But I think I've just solved the problem (by grepping for this email address across my system); my local machine was - unknown to me - running fetchmail. These spam messages must have been sent to the mail server being read by fetchmail. That is a relief! Best wishes, Julian
