From owner-freebsd-isp Tue Jan 22 16:22:52 2002 Delivered-To: freebsd-isp@freebsd.org Received: from metva.com.au (metva.com.au [202.0.82.1]) by hub.freebsd.org (Postfix) with ESMTP id 3B82A37B41C for ; Tue, 22 Jan 2002 16:22:20 -0800 (PST) Received: (from enno@localhost) by metva.com.au id LAA08632 for freebsd-isp@FreeBSD.ORG; Wed, 23 Jan 2002 11:21:49 +1100 (EST) From: Enno Davids Message-Id: <200201230021.LAA08632@metva.com.au> Subject: Re: Spam issue To: freebsd-isp@FreeBSD.ORG Date: Wed, 23 Jan 2002 11:21:48 +1100 (EST) X-Mailer: ELM [version 2.4ME+ PL39 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 22 Jan 2002 18:47:36, Todd wrote: > Recently a friend of mine started receiving a lot of bounced messages to > his root mail acct on a FreeBSD 4.1 machine that he has. It looks as > though someone is using him as a spam relay. He is running Sendmail ver > 8.11 and has relay denied. According to the times indicated on the Is it actually spam or the new trend spammers have started using, namely randomly picking addresses from their spam lists to install as From: addresses. I received a bunch of bounces 3 or so weeks back which had my email address as the sender on pieces of clear spam. My first thought was my server had been used as a relay as well but the headers of the original mail (in the bounce) made it clear it had never passed with 1 continent of my system. Also Errors-to: and Reply-to: had been set to try preventing me from seeing the evidence. In fact as far as I could tell only non-cooperative MTAs were actually sending bounces to me (notably yahoo mail). Might be worth checking if this is what you're seeing... Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message