On 2007/09/25 00:08, patrick keshishian wrote: > > I'm very certain right now, this flood is due to a spammer > using these fake addresses @my-domain-name to spam these mail > server (all around the world -- Japan, South America, US, > Germany, Ireland, etc...) and I'm getting the brunt of it in > the form of these bounced messages. > > At this point I think I have no other choice but to wait out > the "storm".
If it's compatible with how you use the domain, it might help to publish SPF records. > When you speak of "misconfigured mail servers bouncing spam", > what exactly is a "proper configured mail server" supposed to > do with spam directed at non-existing user @their-host-name? The correct behaviour is to reject it at the SMTP port, rather than issue a bounce. Also: all hosts listed in MX records should be aware of the list of valid users and do the same. For sendmail, this is easy to do with the access map. For Postfix, relay_recipient_maps. > FYI, as of now my: > > - GREY list count is 342 (and growing) > - unique bogus email count is 341 > - ESTABLISHED spamd connection count is 63 (and growing) > > This is not fun :-\ These are bounces, so they'll be coming from MTAs with retry queues, so they generally will make it through to the real MTA after (a minimum of) 3 retry attempts. Depending on how many "normal" spams that spamd saves you from, it may be a hindrance to use greylisting here. It might be better just to get these mails handled quickly and out of the sender's queues (depends on your bandwidth situation). On 2007/09/24 20:01, patrick keshishian wrote: > Btw, your "reply-to" field contains my e-mail address. Is that > intended? Mail-Followup-To, actually - yes. It wouldn't totally surprise me if gmail is doing something unexpected with it, though (-:
