This isn't coming from within our network... Someone on the outside is using these email addresses to send their spam. We just get the responses when they try to send to a person that doesn't exist.
-----Original Message----- From: John Hardin [mailto:jhar...@impsec.org] Sent: Tuesday, February 10, 2009 11:44 AM To: Johnson, S Cc: users@spamassassin.apache.org Subject: Re: system response message backlash from spam messages On Tue, 10 Feb 2009, Johnson, S wrote: > However, over the past few weeks I've had a few select users complain > about receiving 3-4 thousand bounce messages per day from what appears > to be mail delivery error messages. From what I can tell it's the > spammer spoofing the sender with their user ID and the messages they > receive are the servers responding with an unknown user or the like. > > Does anyone know a work around for this? Assuming the forged sender address is in your domain, you should look into publishing an SPF record for your domain and/or implementing DKIM signing of your outbound mail. Unfortunately this will only *reduce* the backscatter, not eliminate it totally. Not everyone checks inbound mail using these antiforgery mechanisms. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Gun Control laws cannot reduce violent crime, because gun control laws assume a violent criminal will obey the law. ----------------------------------------------------------------------- 2 days until Abraham Lincoln's and Charles Darwin's 200th Birthdays -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
