Way to defeat spoofed/returned emails in exim?

We have all witnessed the spammer/spoofer, who sends an email with a FROM address that belongs to a client on our servers. Our exim queue then gets flooded with bounced messages from the spam that was sent out (Gets returned to the legal FROM address that the spammer used).

I have hundreds and hundreds of these types of email in my exim queue tied to a single domain on my server. I have gone into his Cpanel and made his default email address :blackhole: .

Is there another, centralized way that exim can be configured to defeat this type of useless bounced email resulting from spoofed FROM addresses?

<sigh> I spend more time each day dealing with spam related issues than anything else these days. </sigh>

 

Originally, this account was setup to send unrouted mail to :blackhole:

Now, all accounts are set to :fail: on the server as was suggested at http://www.configserver.com/free/fail.html

I am monitoring the queue to see if this has helped. My first observations indicate that it has helped.

 

As I understand it, SPF records are not universal, and compliance is low. Is SPF really effective at this early stage in its implementation?

Does a CPanel server handle the SPF protocol well on incoming email or does it ignore it?

 

Right, but does Cpanel support SPF? Will exim stop email forwards from coming in based on SPF?