Todd Reese writes:
>
>
> I'm looking for suggestions on this one.
>
> It has come to my attention that some of the spammers are forging their
> mail as being from [EMAIL PROTECTED]
> and relaying wherever they want. What is the best way to stop this action
> from happening?
If you mean that they're relaying through your machine, the return address
is irrelevant, because Qmail does not use that as a relay control. More
than likely your machine is a completely open relay, that you will need to
fix.
> I'm already using rbl and orbs to block unwanted sites now.
If you mean that your domain's return address is forged on spam runs that
occur elsewhere, you have several options available to you.
A number of recent court cases upheld the notion that this is wire fraud.
The FBI is not really very interested in these things, the best results
were obtained by suing the forgerers in civil court.
That, however, will take some time to happen. I have found that a much
quicker way to resolve the issue is to write a rather simple mail filter to
trap all the bounces and flames that are going your way (which are easily
filtertable), and automatically forward them to the spammer in charge,
letting them drown under their own bilge.
After I started doing that, and I made it known that they will still end up
getting all their bounces and flames, I no longer had to waste my time on
situations like that.
--
Sam
