Dealing with forged return addresses hitting my domains?
amb-plug at bradfords.org
Fri Apr 21 10:47:44 MDT 2006
Thus said Kimball Larsen on Fri, 21 Apr 2006 09:03:28 MDT:
> So, until recently, we have had very little problem, but in the last
> =20 few weeks some spammer(s) have gotten hold of our business domain
> and =20= are using it to spoof return addresses, thus slamming my
> systems with =20= hundreds of bounced messages/day.
Are these bounces for legitimate users or are they just picking random
names @yourbusiness.com and spamming those, which in turn get the
> First up is Sender Policy Framework (SPF) (1). I actually had not =20
> heard about this until today when I started researching this problem,
> =20= and have already heard relatively strong opinions on both sides
> about =20= whether SPF is a good or bad thing.
Bad and also not likely to help in this case, see my reply to Hans.
> Next is Domain Keys (2). This sounds promising, but also a bit =20
> daunting to set up correctly.
Better than SPF, but still not likely to help you in this situation.
What exactly is the concern with these bounces? Are they causing
legitimate email to be delayed? Are they being sent to real email
addresses and thus affecting your users productivity? Are they causing
your mail server to get overloaded? Bandwidth? Answers to theses
questions can help in determining the proper solution.
10:47am up 19 days, 2:09, 1 user, load average: 1.00, 1.01, 1.00
More information about the PLUG