Ronnie Tartar wrote:
> We run a decent sized datacenter. The problem I have is that someone
> sent out a spam with our abuse email address as the reply to.
>
> I have added an SPF record to the DNS now to try and reduce the forged
> headers problem. Any other suggestions would be helpful.
>
> Thanks in advance.

Really there's not a whole lot more you can do about forgery. Forged email, including spam, originates on a system that you don't control, and is received by a system you don't control. All you can really do is publish SPF records and hope the recipient checks SPF.

The only other measure you can take is to help make your systems less of a problem for others who face what you now face.

1) Whenever possible configure your MTAs to verify the local recipient address before accepting mail. Try to avoid simply queuing all mail and forwarding it to an internal mailserver which will generate a ton of bounce messages for invalid addresses.

2) When you do bounce a message, make sure it's done as a proper DSN as mandated by the RFCs. i.e. Don't use some broken hack that just sends an email back to the From: address with a useless message like "Your message was not delivered, recipient does not exist" and no other information.
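
What a proper DSN from point 2 looks like, as an added example that is not part of the original thread: an RFC 3464 multipart/report addressed to the envelope sender rather than the From: header, sent with a null reverse-path so it cannot itself bounce. The function name `build_dsn` is hypothetical, and every hostname, address and header below is constructed sample data.

```python
from email.message import Message
from email.mime.base import MIMEBase
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.utils import formatdate, make_msgid


def build_dsn(reporting_mta, envelope_sender, failed_rcpt, status, diagnostic, orig_headers):
    """Return (mail_from, rcpt_to, message_text) for a permanent-failure DSN."""
    dsn = MIMEMultipart("report", report_type="delivery-status")
    dsn["From"] = f"Mail Delivery Subsystem <MAILER-DAEMON@{reporting_mta}>"
    dsn["To"] = envelope_sender  # the SMTP MAIL FROM address, not the From: header
    dsn["Subject"] = "Undelivered Mail Returned to Sender"
    dsn["Date"] = formatdate()
    dsn["Message-ID"] = make_msgid(domain=reporting_mta)

    # Part 1: explanation for a human reader.
    dsn.attach(MIMEText(f"Delivery to <{failed_rcpt}> failed permanently.\n{diagnostic}\n"))

    # Part 2: machine-readable report; one per-message block, one per-recipient block.
    per_message = Message()
    per_message["Reporting-MTA"] = f"dns; {reporting_mta}"
    per_rcpt = Message()
    per_rcpt["Final-Recipient"] = f"rfc822; {failed_rcpt}"
    per_rcpt["Action"] = "failed"
    per_rcpt["Status"] = status
    per_rcpt["Diagnostic-Code"] = f"smtp; {diagnostic}"
    report = MIMEBase("message", "delivery-status")
    report.attach(per_message)
    report.attach(per_rcpt)
    dsn.attach(report)

    # Part 3: headers of the rejected message, so the recipient of the DSN
    # can tell which message it refers to (or see that it was forged).
    dsn.attach(MIMEText(orig_headers, "rfc822-headers"))

    # Null reverse-path ("MAIL FROM:<>") means a DSN never triggers another bounce.
    return "", envelope_sender, dsn.as_string()


# Constructed sample input.
SAMPLE_HEADERS = (
    "From: Someone <someone@example.org>\n"
    "To: nosuchuser@example.com\n"
    "Subject: hello\n"
    "Message-ID: <constructed-1@example.org>\n"
)

if __name__ == "__main__":
    print(build_dsn("mx.example.com", "bounces@example.org", "nosuchuser@example.com",
                    "5.1.1", "550 5.1.1 User unknown", SAMPLE_HEADERS)[2])
```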