On Jul 13, 2014, at 11:52 AM, Pat Traynor <p...@ssih.com> wrote: > On Sun, 13 Jul 2014, Antony Stone wrote: > >> Have you been able to identify whether the "unsolicited mail" which has been >> thus detected is: >> >> - genuine email (possibly of a marketing variety, but still deliberately >> sent) from your hosting customers > > It's absolutely not from MY customers. I don't let anyone relay their > outgoing email through me. So if you host example.com through me and > have a gmail account, mail going to example.com will be forwarded to > there, but if you have a mass emailing, you'll have to send it through > your provider, e.g. Verizon, perhaps. > > Some email does appear to come from legitimate sources, for example, > I'll get an email offering loans, and the sender is "lo...@getaloan.com”.
So it sounds like one or more of your customers is operating an open relay, either deliberately or not. You could refuse to relay messages that didn’t originate directly from your clients’ own machines. -Philip > >> or >> >> - actual spam which is being unwittingly sent out by compromised (or at least >> poorly-secured) systems? > > I see a LOT of that. The same spam email hits me multiple times from a > domain name that sounds completely unrelated to the subject. > > --pat-- > -- > Pat Traynor > p...@ssih.com
