[I am somewhat concerned about the size of the cc list - in that it covers several lists - but for now have let it stand since this is more than just an exim issue]
[EMAIL PROTECTED] said: > We send copies of this spam to [EMAIL PROTECTED] on a daily basis. The > only response I have ever had from AOL is from an autoresponder. > Sometimes we send copies to the relay machine admins, usually > "abuse@<domain>" bounces and sometimes "postmaster@<domain>" bounces > too. I have never had a reponse from any of them. This is culpable idiocy. Just because AOL are bit does not mean they can trample on everyone else in the world. However I guess the problem of launching legal action against a US entity from ZA would make legal a difficult option. Are these messages coming direct from AOL modem space, or through their mail systems - if the latter I would think there is sufficient evidence to get their mail mail systems on the Vixie RBL which tends to make even giants think twice. There needs to be social/legal action taken here since it is not a technical problem. However technical workrounds are:- - refuse at SMTP level all messages to the forged spam sender address this can be done within a vanilla exim, or I guess you would need to hack qmail's receiver [I don't really know qmail well enough to comment] However you will still get piles of messages to abuse@/postmaster@ that domain from the slightly more clued - and there isn't a good way of handling that other than maybe an autoreply (make sure it works right or you will live to regret it). The Teergrube solution is *not* in any way a solution to your problem - don't even consider it. Remember that the machines sending you these bounces and complaints are probably innocently of any proper involvement in this spam run. There are also likely to be thousands of them, so when you say... > This will cause the spaming host to go down, as any operating > system has a limit on open sockets. the system it will take down is *your* system. Also DOSing the relays is likely to bring you into problems of legality. Remember if you have another machine (or even just an IP) on your external internet AS then you could put up exim on that box as an emergency measure and point the domain being hit at that system - at least then you can refuse a pile of the stuff quicker than you can reconfigure your complete mail system. This specialist handler would reject the crud and pass the rest on to your standard MTA config. Nigel. -- [ - Opinions expressed are personal and may not be shared by VData - ] [ Nigel Metheringham [EMAIL PROTECTED] ] [ Phone: +44 1423 850000 Fax +44 1423 858866 ]