OT - has my email domain been hijacked?
Guy Fraser
guy at incentre.net
Thu Sep 15 17:57:23 UTC 2005
On Wed, 2005-14-09 at 21:06 +0100, Chris Wright wrote:
...snip...
>
>
> That appears to be a SPAMMER who is faking a user ID at your domain in the
> from address.
> The dumb mail server of some of the recipients hasn't worked out that the
> headers are forged, so it is returning the 'unknown address error' back to
> you instead of the source.
> What it should do is look at the headers to see that it is faked, and just
> bin it without doing nothing.
>
...snip...
Mail servers do not generally accept a DATA command if the RCPT
command produces an error, so the rest of the headers are not
looked at. The proper response is to respond with a user
undeliverable error. It is the server that is sending the
message that generates the bounce, not the server receiving the
the invalid mail. The likely problem is an open SMTP relay
that is accepting mail from the spammer. If the spam is not
being relayed then an email to abuse@<isp> with the full content
of the bounced message, should prompt warnings to or disconnection
of the spammer.
--
So it was written.
So it shall be done.
Yul Brenner as Ramses
More information about the users
mailing list