Re: [cobalt-users] spam - uncontrolable email being relayed [RaQ3)

["Edward Bishop" <eddie@xxxxxxxxxxxxxxxx>]

> Hi,
> being searching around the archives for sometime, cant seem to find an
> answer so here goes-
>
> Im getting around 40 emails an hour sent to the administrator email from
the
> 'Mail Delivery Subsystem'. They are all telling me that 'the following
> addresses had permanent fatal errors' . The failed emails are all junk
mail,
> things such as 'you have won....' and 'GREAT BUSINESS OPPURTUNITY...'.
>
> Im guessing that these emails a being sent through the server because of
my
> relaying settings (basically allowing anything, so set up because users on
> the server wanted to be able to freely email to any address).
>
> Basically my question is have I guessed right, if not does anyone know
whats
> happening and either way can anyone tell me how to stop it.
>
> Thanks in advance
>
> Luke Cousins
>

I'm sure someone will give you a more complete answer shortly, but since
this is urgent I'll tell you what I know:

1 Close the open relaying imediately. If 40 messages aren't getting through
(because of wrong destination addresses) it's likely that a much larger
number are and the admins of the servers receiving them are liable to bar
your domain. Restricting relaying doesn't stop your users emailing any
address - it stops them sending except when connected (eg dialled-up) via
certain hosts. Getting barred, however, will prevent them sending to certain
addresses and is much harder to correct.

2 Look at your maillog to find out the domain of the no-mark who's sending
the spam and post it to the list.

All best
Eddie