Re: Why am I getting so much spam from/to my domain all of a sudden?

Re: Why am I getting so much spam from/to my domain all of a sudden?

am 19.12.2007 06:29:46 von Ohmster

"D. Stussy" wrote in news:fk7pp6$q95$1
@snarked.org:

>
> See "Joe Job."
>
> One good fix (but not perfect): "SPF"

Those are good suggestions but I failed to mention that my DNS server,
zoneedit.com, has "mail forward" and I had it set to send anything
addressed to lettermanstationery.com (*@lettermanstationery.com) to my
ISP mailbox and I was getting clobbered with email to all of these names
that do not even exist as users on that machine or domain. I set my mail
forward to regect *@lettermanstationery.com and only accept specific
users such as postmaster@*@lettermanstationery.com, etc., and the junk
mail has now tapered off to nothing again. I forgot about that feature. I
can setup a temp mail account like billy@lettermanstationery.com, use it
for a while, then make billy@lettermanstationery.com forward to
"nothing" and that mail will no longer be accepted. Good for temp email
addresses, same as using a sendmail alias but I am not using sendmail
activly anymore, too much trouble to maintain with all of the spammers
attacking it daily so I just use sendmail to use my ISP as a smart_host
when sending mail from Linux, but most of my mail get sent from a doze
box directly to my smtp servers out on the net like my ISP or gmail.

I was not using sendmail on the receiving end of the mail for that
domain, but I did have sendmail active on the system. It would appear
that someone just jacked my domain and went batshit, sending spam
"apparently from my domain" and now that anything at my domain is no
longer accepted, the junk mail has stopped.

I had a bad experience once with redhat 9 installed, a year after it went
EOL. I did not want to lose my setup so I refused to update it and got
whacked with a script kiddy who got in through apache and zombied my
machine as a spam server. I had to take it down, format, and install
Fedora to get up to date again and thought for a minute that maybe that
had happened again. It didn't.

Thanks for the milters though, I did bookmark them for future use.

--
~Ohmster | ohmster /a/t/ ohmster dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter.