Spammers using [email protected] to send spam

L

Leomania

New member
Joined
Aug 9, 2006
Messages
2
One or more spammers is using the email address "[email protected]" (not the real domain name, of course) to send spam. They just send an invalid command and put the email address they want to spam into the "From" field and presto, spam sent.

I have worked around this for the one domain it's happening to consistently by changing the list.aliases file and changing "majordomo" and "majordomo-owner" to another name; that results in Exim sending a bounce message to the sender, not the user in the "From" field. Will this change get overwritten the next time the mailing list(s) for this domain are edited? If so, can I prevent that?

Is my solution the best way to deal with this, or is there a better way?
 
I am noticing the same problem happening more often. Here is my solution that works for all domains on the server. First, turn on SpamAssassin and config it to tag spam by prefixing "*****SPAM*****" to the subject:

/etc/mail/spamassassin/local.cf:
Code: 
# How many hits before a message is considered spam.
required_hits           5.0

# Whether to change the subject of suspected spam
rewrite_header          Subject *****SPAM*****

Then modify Majordomo to drop emails that has been tagged as spam. Search for "# robots should not..." and add a couple of lines above it like this:

/etc/virtual/majordomo/majordomo:
Code: 
# don't respond to spam
exit 0 if ($hdrs{'subject'} && $hdrs{'subject'} =~ /^\*{5}SPAM\*{5}/);

# robots should not reply to other robots...

Not a perfect solution since SpamAssassin must identify the spam, but it is better than nothing.
 
You must log in or register to reply here.
Back
Top