Tom Q. Citizen wrote: > Hi! I host a number of domains on a box and I recently added one which > has resulted in that domain literally being HAMMERED by some spammer > sending spam to every kind of bogus e-mail address for this new domain you > can think of. > > The server is a Linux box running RedHat 9 with Qmail > (netqmail-1.05)/Vpopmail 5.4.9/Courier-IMAP 4.1.0 w/ SpamAssassin 3.1.1 > (perl 5.8.8)/ClamAV 0.88.1. > > The incoming messages are being sent to addresses like: > > [EMAIL PROTECTED] > > and sometimes there will be other addresses CC'd on the message. The CC'd > addresses are in other domains and mainly in the ".ru" domain. > > For a while, Qmail was bouncing the messages and since then I've changed > it to have the messages delivered to the postmaster account. So, the > postmaster for mydomain.com is geting flooded with spam addressed to bogus > messages in the mydomain.com domain. > > What can I do to stop this?
Configure your qmail to verify the validity of the recipient durring the SMTP RCPT To: command like every other MTA out there does. (And qmail can be made to do this, but doesn't by default) Spamcop.net has some suggestions of addons to qmail that let it do this correctly. qmail-ldap and spamcontrol: http://www.spamcop.net/fom-serve/cache/329.html Generally, I think qmail-ldap would do this task better, or switch to a different MTA that has recipient validation built-in.
