Dealing with forged return addresses hitting my domains?

Jeff Schroeder jeff at zingstudios.net
Fri Apr 21 09:23:26 MDT 2006


Kimball:

> This being said, should I simply configure my mail server to send all
> these sorts of messages to /dev/null?  What implications arise from
> doing that?

Well, how will you know the difference between a bounced message because 
someone at your domain sent a legitimate message but mistyped the 
recipient's address, and a bounced message from a spammer?  That's the 
trick-- you probably don't want to /dev/null ALL of your bounce 
messages.

> Will my domain wind up blacklisted as a spammer if I 
> simply bury my head in the sand and ignore the problem?

Unfortunately there's absolutely nothing you can do to stop a spammer 
from impersonating your domain.  You can certainly take steps to clean 
up the flood of bounces (although it's a tough line to walk) or make 
your domain more "compliant" (SPF, DK, etc.), but that's about it.

No reasonable blacklist will flag your domain; they typically flag IP's 
of known spam sources.  Flagging domains would be very bad, for 
precisely the reason that they can be faked.  If that was the case, 
someone malicious could send a gazillion spam messages appearing to 
come from, say, Microsoft and get their domain blacklisted. :)

HTH,
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url : http://plug.org/pipermail/plug/attachments/20060421/bef2168e/attachment.bin 


More information about the PLUG mailing list