Spam with local [Reply-To:] user

[vla]

I started getting thousands of messages for an email account on one of our clients.
After going through some MSGs and the Exim Logs I have noticed that the emails have the Reply-To header set to that speciafic account, however none of this email was sent through the clients' mailserver.

Any help on coping with this issue is highly appreciated.

Thank you all in advance.

 

[dezignguy]

It sounds like a spammer is using your address as a spoofed address in their spamrun... so you get the bounces, angry messages from clueless users, etc. There's not much you can do to stop it though... the best way to at least not see the messages would be to get a spam filter going. You may be able to configure exim to reject the messages that match a certain string if the spams that you're getting contain similar content. Oh, and publish SPF records so that others can see the emails are fakes and reject them... http://spf.pobox.com/

 

[bijo]

I started getting thousands of messages for an email account on one of our clients.
After going through some MSGs and the Exim Logs I have noticed that the emails have the Reply-To header set to that speciafic account, however none of this email was sent through the clients' mailserver.

Any help on coping with this issue is highly appreciated.

Thank you all in advance.

Hi,

you should enable this option in whm

Main >> Server Setup >> Tweak Settings >> Mail

Prevent the user 'nobody' from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)


Silently Discard all FormMail-clone requests with a bcc:


It will help to solve your problem. If it willn't solve your problem please go to this link.

JONATHAN Did a great replay there.

http://forums.cpanel.net/showthread.php?t=28024&page=2&pp=15&highlight=chirpy
or go to
http://www.webumake.com/free/eximdeny.htm


It is very effective to block spamming