From owner-freebsd-questions@FreeBSD.ORG  Thu Jun 16 19:58:03 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 497F216A41C
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 19:58:03 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from pi.codefab.com (pi.codefab.com [199.103.21.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1865743D1D
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 19:58:02 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from localhost (localhost [127.0.0.1])
	by pi.codefab.com (Postfix) with ESMTP id 701655E0A;
	Thu, 16 Jun 2005 15:58:02 -0400 (EDT)
Received: from pi.codefab.com ([127.0.0.1])
	by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 68940-05; Thu, 16 Jun 2005 15:58:01 -0400 (EDT)
Received: from [192.168.1.3] (pool-68-161-69-6.ny325.east.verizon.net
	[68.161.69.6]) by pi.codefab.com (Postfix) with ESMTP id 91A815CAF;
	Thu, 16 Jun 2005 15:58:01 -0400 (EDT)
Message-ID: <42B1DA44.6050409@mac.com>
Date: Thu, 16 Jun 2005 16:00:04 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.8) Gecko/20050511
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Allan_Ross@gov.nt.ca
References: <H0000d540b65ec1c.1118948821.arctic42.gov.nt.ca@MHS>
In-Reply-To: <H0000d540b65ec1c.1118948821.arctic42.gov.nt.ca@MHS>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at codefab.com
Cc: freebsd-questions@freebsd.org
Subject: Re: Spam sender using domain name as spoofed source
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jun 2005 19:58:03 -0000

Allan_Ross@gov.nt.ca wrote:
[ ... ]
> The server is suddenly receiving thousands of email a day, from 
> postmasters! It appears that some spam lord has decided that my domain 
> would bea good one for spoofing as the sender address of his garbage. 
> Every one of his spam messages that generates an error message (user 
> does not exist, mailbox full, spam blocking programs, etc) sends the 
> reply to MY SERVER.

You might try configuring SPF information into your DNS.  This is supposed to 
help the people being spammed by forged mail containing your domain reject the 
spam, rather than bouncing it back to you.

Here in the US, if you can show damages larger than $2000, that's when it 
becomes useful to talk to the local police or even the FBI; below that dollar 
figure, computer abuse/fraud doesn't really register.  :-(

-- 
-Chuck