On man 31 aug 2009 23:11:14 CEST, Kevin Miller wrote
to a bunch of Russian recipients on servers that don't bother to
check SPF, with my users address in the from field. The Russian
servers then send NDRs for non-existant users on their servers.
Rather than reject at the handshake, they're apparently accepting
the spam then bouncing it.
block sender ip in mta for this mails, there is no point in spam
scanning bounces anyway when the remote server did a very fine job of
spam scanning and bounce spam, you are not alone on this problem, if
more mta setups checks spf in mta, there would be less bounces to
forged senders
what mta is used on the remote ?, and is there sign of something going
bad with qoutas ?
its should really be made a howto run a mta for dummies :)
--
xpoint