I recently set up an IMail/mxGuard/ClamAV server that sits in front of my corporate email server. It's been running for several days and has reduced the amount of incoming spam & viruses about 95% according to my users.
But, I've now discovered that this new server is listed on bl.spamcop.net. As far as I can tell, this is how it happened: Spammer forges the Mail-From address on a piece of junkmail and dictionary-attacks my domains. My intercept server processes & attempts to forward the message to user(s) that don't exist on the corporate server. The corporate server informs the intercept server that the user(s) don't exist and does not accept the message. The intercept server bounces the message to the forged Mail-From address. The Mail-From address that was forged by the spammer is actually a Spam Trap. The Spam Trap server informs spamcop.net that my intercept server is sending messages with spam content. Is there anything I can do about this? I was going to set up a nobody alias, but I started receiving upwards of 10,000 messages a hour and my server slowed to a crawl. And that was just for one domain. Any help is appreciated! Dave Strzemienski To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
