The problem with 1a and 1b is that some networks won't accept mail from
non mx hosts.
R A Lichtensteiger wrote:
Dallman Ross wrote:
<> Precis: Spam levels expected to rise with suddenness
<> soon, as blacklists become less effective.
The "trick" of sending out spam via the hosts' legitimate mail relays
has been seen in the wild for about 18 months now. It's not new, just
new to the media :-/ (AOL reported seeing it that long ago, anyway)
There are a number of fixes, of course:
1a. Separate your outgoing relays from your inbound MX hosts.
Some of the trojans do a PTR lookup on their address, then
an MX query on the forward zone.
1b. Configure your MX hosts to not accept mail from INSIDE your
network and configure your outbound relays to not accept mail
from OUTSIDE your network.
2. Enable SMTP AUTH
3. Implement rate limiting on outbound email
The thing that seems to be overlooked about this spammer trick is that
it puts the cost exactly where it ought to be -- if your network
tolerates zombie hosts and spammers, then YOUR relays get hammered, not
mine (well, at least yours get hit before mine do). Finally, some
motivation for companies like comcast and verizon to clean up their
Reto, not too unhappy
procmail mailing list Procmail homepage: http://www.procmail.org/