We have the same problem here. Someone has been using our domain name in their headers since January. At times, we were getting a few thousand bounces from mail to over-quota or non-existant accounts.
I added the following line to my exim.conf receiver_try_verify = true This results in an immediate error result to the RCPT command if the user is unknown. I run a script to grep for these errors in the log file just after they are rotated so I know how many of these messages were rejected in the last 24 hours. Currently, there are up to 100 messages a day that get rejected this way. Once in a while, I accept the messages and comb through them to find valid headers, but there is a startling number of USELESS error messages (ie. only From, To, Date, and Subject of bounced message). Patrick. On Mon, Nov 25, 2002 at 10:38:10PM +0100, Kjetil Kjernsmo wrote: > I have just received a spam complaint, and unfortunately, some spammers > have been using an address on one of my domains in their Return-Path > and From-headers. How nice of them :-( . This address has never > existed. I'm using the Exim packages from Woody. [...] > Kjetil -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]