I have LFD on my server that monitors emails sent by relay, I'm currently seeing 100's of rejection emails from other email services (such as gmail) saying the message could not be delivered "return to sender".
Is there anything I can do to prevent someone using my mail server for relay?
Currently I'm just using LFD to block the sender if more than 200 come from that address.
Is there anything I can do to prevent someone using my mail server for relay?
Currently I'm just using LFD to block the sender if more than 200 come from that address.
Code:
Subject: lfd on tent.myotherdomain.com: RELAY Alert for 187.23.175.140 (BR/Brazil/bb17af8c.virtua.com.br)
To: [email protected]
Time: Wed Dec 5 14:25:46 2012 +0000
Type: RELAY, Remote IP - 187.23.175.140 (BR/Brazil/bb17af8c.virtua.com.br)
Count: 203 emails relayed
Blocked: Temporary Block
Sample of the first 10 emails:
2012-12-05 14:08:44 1TgFeV-0006I1-7b <= [email protected] H=(Smkt) [187.23.175.140] P=esmtp S=339 T="smtp.mydomain.com:25" from <[email protected]> for [email protected]
2012-12-05 14:08:44 1TgFeV-0006I2-Kn <= [email protected] H=(Smkt) [187.23.175.140] P=esmtp S=343 T="mail.mydomain.com:25" from <[email protected]> for [email protected]
2012-12-05 14:08:46 1TgFeX-0006I1-DR <= [email protected] H=(Smkt) [187.23.175.140] P=esmtp S=351 T="smtp.mydomain.com:25" from <[email protected]> for [email protected]
2012-12-05 14:08:46 1TgFeX-0006I2-Lo <= [email protected] H=(Smkt) [187.23.175.140] P=esmtp S=347 T="mail.mydomain.com:25" from <[email protected]> for [email protected]
etc...