Hey Everyone,
Not sure if this is isolated or not but we have been receiving a deluge of forged emails bouncing off other servers. Is there some new virus out there causing this as it seems really sudden?
Here is the scenario: The emails are bouncing back to our server and being rejected because there is no such user. This is seriously hampering our server's capacity to process email in a timely manner. Spent a better part of the day cleaning up the queue. Thank the lord for Chirpy's Configserver Mail Queues, makes the task so amazingly easy (Thanks Chirpy!). The forged emails are concentrated on a few specific domains, I'd say about 80%. I'd like to add a function in Exim that would drop emails for non-existent users in these domains. I know this goes against SMTP protocols but if I apply it to just the implicated domains I think I will be striking a relative balance between keeping my server functional and 'mostly' compliant.
So this is what I am thinking. I create a list of affected domains and drop anything that is not destined to an actual user. This would prevent my server from sending a return message to another non-existent user and clogging up my outgoing queue.
So I would need something to do the following:
a) read a list of affected domains
b) from this list of domains, drop anything that does not have a verifiable user.
Can anyone help??
G
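One way to express steps (a) and (b) as an Exim recipient ACL, added here as an example and not part of the original post. The list name `backscatter_domains` and the file path are assumptions; the fragment goes at the top of whatever RCPT ACL the server already uses.

```exim
# --- main configuration section ---
# (a) Named domain list read from a plain file, one affected domain per line.
#     The list name and the path are assumptions made for this example.
domainlist backscatter_domains = lsearch;/etc/exim/backscatter_domains

# Run the ACL below for every RCPT TO command.
# (This line is already present in the stock Exim configuration.)
acl_smtp_rcpt = acl_check_rcpt

# --- ACL section ---
begin acl

acl_check_rcpt:

  # (b) For recipients in the listed domains only, refuse any address
  #     that none of the routers can deliver to.
  #     The 5xx reply is given during the SMTP session, so the message
  #     is never accepted or queued on this server, and this server
  #     generates no bounce for it.
  deny    message = No such user here
          domains = +backscatter_domains
          !verify = recipient

  # ... the existing acl_check_rcpt statements continue below ...
```

Replacing `deny` with the `drop` verb gives the same rejection and then closes the connection.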