[Dshield] victim of spam-trash
Johannes B. Ullrich
jullrich at sans.org
Fri Mar 8 16:48:43 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
> A spammer is sending tons of emails with the email-adress
> eddiecandy2782 at sse.de as reply-to or mail from in the header.
> The Domain sse.de belongs to a customer from us. (Which isn't the spammer)
You should be able to configure your mail server to bounce all email to
this userid (and still allow email to other users in that domain).
You probably want to filter these based on the envelope, not based on
headers, to limit processing time wasted. In sendmail, look at the
'blacklist_recipients' feature. In qmail, you have to make sure there is
no alias setup for the user.
other than that, there is not much you can do.
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the list