How to handle senders from other IP spammers?

adriangrz

Hi,

I have had this case since yesterday. I saw that I have senders from external IPs that are spammers. I'm trying to block them by checking the sender IP and blocking it in CSF. But the spammer changes IP from time to time, so it is hard to block manually. Is there a solution where, if a sender IP sends e.g. 100 mails daily, it gets blocked? Maybe there is another solution which can block this spammer? Please let me know what steps I should take to prevent this. Sender and Authentication are real emails from the user (this is strange!). Destination and IP are from the spammer.
1700127260088.png
 
Thank you for the reply. Yes, I've set a max number of emails per account, but if the user hits the limit he can't send emails: spam is blocked, but real emails too. I was wondering if there is a solution that will filter spammer emails from the queue and delete them automatically before sending - the ideal solution :) Is something similar available to implement?
 
From the screenshot you've posted I can see your email account is compromised. They either brute-forced or hijacked your email account's password. You are highly advised to:

1. change the email account's password
2. enable blockcracking feature in Exim. It is designed to block outgoing SPAM.
 
Sender and Authentication are real emails from user (this is strange!).
Not really strange, this means the e-mail password of this user is known and hacked.
Like @zEitEr said, change the email account's password.
Blockcracking will also be a good help.

but if user gets limit he can't send emails, spam is blocked but real emails too.
So would you rather have your customer not being able to send real emails for a short time? Or would you rather have your server on several spam blacklists, where it's hard to get off some of them, like for example Microsoft?
You might want to re-consider your priorities here. ;)
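
A way to spot the pattern discussed in this thread (one authenticated account sending from changing IPs), shown as an added example that is not from any poster here. It assumes Exim mainlog arrival lines of the form `<= sender H=... [ip] ... A=authenticator:id`; the log lines are constructed, and the function names and thresholds are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample lines in Exim mainlog style (not taken from the thread).
SAMPLE_LOG = """\
2023-11-16 09:00:01 1r3aAa-0001 <= anna@example.com H=(pc1) [192.0.2.10] P=esmtpsa A=login:anna@example.com S=2100
2023-11-16 09:05:12 1r3aAb-0002 <= bob@example.com H=(x) [198.51.100.7] P=esmtpsa A=login:bob@example.com S=900
2023-11-16 09:05:40 1r3aAc-0003 <= bob@example.com H=(y) [203.0.113.44] P=esmtpsa A=login:bob@example.com S=910
2023-11-16 09:06:02 1r3aAd-0004 <= bob@example.com H=(z) [203.0.113.91] P=esmtpsa A=login:bob@example.com S=905
2023-11-16 09:06:30 1r3aAe-0005 => someone@example.net R=lookuphost T=remote_smtp
2023-11-16 09:10:00 1r3aAf-0006 <= anna@example.com H=(pc1) [192.0.2.10] P=esmtpsa A=login:anna@example.com S=1800
"""

# Authenticated arrival: date, time, message id, "<=", sender, [ip], A=auth:id
ARRIVAL = re.compile(
    r"^(?P<day>\d{4}-\d{2}-\d{2}) \S+ \S+ <= \S+ .*?"
    r"\[(?P<ip>[0-9a-fA-F.:]+)\].*?\bA=\w+:(?P<auth>\S+)"
)


def summarize(log_text):
    """Return {(day, auth_id): {"count": n, "ips": set}} for authenticated mail."""
    stats = defaultdict(lambda: {"count": 0, "ips": set()})
    for line in log_text.splitlines():
        m = ARRIVAL.match(line)
        if m:  # deliveries ("=>") and unauthenticated lines are skipped
            entry = stats[(m["day"], m["auth"])]
            entry["count"] += 1
            entry["ips"].add(m["ip"])
    return stats


def suspicious(stats, max_mails=100, max_ips=2):
    """Flag accounts over the daily mail limit or seen from too many IPs."""
    return sorted(
        (day, auth, s["count"], len(s["ips"]))
        for (day, auth), s in stats.items()
        if s["count"] > max_mails or len(s["ips"]) > max_ips
    )


if __name__ == "__main__":
    for day, auth, count, ips in suspicious(summarize(SAMPLE_LOG)):
        print(f"{day} {auth}: {count} mails from {ips} IPs -> change password")
```

Keying on the authenticated account rather than the source IP is what makes this work when the sender rotates addresses; a flagged account is a candidate for the password change advised above.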
 