Matt Kettler wrote:
Tom Q. Citizen wrote:
Hi! I host a number of domains on a box and I recently added one which
has resulted in that domain literally being HAMMERED by some spammer
sending spam to every kind of bogus e-mail address for this new domain you
can think of.
The server is a Linux box running RedHat 9 with Qmail
(netqmail-1.05)/Vpopmail 5.4.9/Courier-IMAP 4.1.0 w/ SpamAssassin 3.1.1
(perl 5.8.8)/ClamAV 0.88.1.
The incoming messages are being sent to addresses like:
[EMAIL PROTECTED]
and sometimes there will be other addresses CC'd on the message. The CC'd
addresses are in other domains and mainly in the ".ru" domain.
For a while, Qmail was bouncing the messages and since then I've changed
it to have the messages delivered to the postmaster account. So, the
postmaster for mydomain.com is geting flooded with spam addressed to bogus
messages in the mydomain.com domain.
What can I do to stop this?
Configure your qmail to verify the validity of the recipient durring the
SMTP RCPT To: command like every other MTA out there does. (And qmail
can be made to do this, but doesn't by default)
Spamcop.net has some suggestions of addons to qmail that let it do this
correctly. qmail-ldap and spamcontrol:
http://www.spamcop.net/fom-serve/cache/329.html
Generally, I think qmail-ldap would do this task better, or switch to a
different MTA that has recipient validation built-in.
Thanks to you and the others who responded with suggestions. Sorry for
the late reply but I've been busy. :)
Peace...
Tom
