bobbycrispbox
09-01-2005, 01:53 PM
OK, so twenty minutes ago someone used an open relay somewhere to send out a lot of spam with an email address in my domain as the from address. This resulted in me getting goodness knows how many bounced emails from mail servers all over the place. Doubtless it will also mean I'll start getting lots of abusive messages from people who believe that I sent the spam.
Fortunately, the email address the spammers used was not one in use in my domain (how do spammers make up email addresses for the from part?) so I've been able to edit my virtusertable to send the mail that is sent to that specific email address into a black hole.
randomspammeraddress@mydomain.com blackhole
So, the first question; was this the correct thing to do? I'm not sure if the spamming session has stopped, or if I did something right here, but I haven't had any spam email for a few minutes now.
The second question is what do I do now to protect myself in the future. Currently, my virtusertable also has this:
@mydomain.com myemailaddress@anotherisp.com
So I get everything to the domain. I don't really want to change this as I like to use email addresses like topica@mydomain.com so that I have a bit of an idea where spam originates from. Any thoughts on this? I think I need to get spamassassin - can someone point out a good, easy howto?
Final question: Have I done anything here that makes me a bad net citizen? I want to do the best I can, and I'm generally pretty good at keeping on top of the computers I control, but I'm not a professional linux admin, and I feel that I'm stretching the limits of my expertise here.
Fortunately, the email address the spammers used was not one in use in my domain (how do spammers make up email addresses for the from part?) so I've been able to edit my virtusertable to send the mail that is sent to that specific email address into a black hole.
randomspammeraddress@mydomain.com blackhole
So, the first question; was this the correct thing to do? I'm not sure if the spamming session has stopped, or if I did something right here, but I haven't had any spam email for a few minutes now.
The second question is what do I do now to protect myself in the future. Currently, my virtusertable also has this:
@mydomain.com myemailaddress@anotherisp.com
So I get everything to the domain. I don't really want to change this as I like to use email addresses like topica@mydomain.com so that I have a bit of an idea where spam originates from. Any thoughts on this? I think I need to get spamassassin - can someone point out a good, easy howto?
Final question: Have I done anything here that makes me a bad net citizen? I want to do the best I can, and I'm generally pretty good at keeping on top of the computers I control, but I'm not a professional linux admin, and I feel that I'm stretching the limits of my expertise here.