Spam sender using domain name as spoofed source

Allan_Ross at Allan_Ross at
Thu Jun 16 19:07:06 GMT 2005

I have a FreeBSD machine that I set up, mostly to learn more about the 
ins and outs of *nix based servers. As such I run sendmail on it and 
Apache to host a small web site. I registered a domain name as well. 
Things have gone fairly smoothly and without incident until recently. 
The server is suddenly receiving thousands of email a day, from 
postmasters! It appears that some spam lord has decided that my domain 
would bea good one for spoofing as the sender address of his garbage. 
Every one of his spam messages that generates an error message (user 
does not exist, mailbox full, spam blocking programs, etc) sends the 
reply to MY SERVER. Now this would normally not be a big deal as I could 
simply filter for this stuff and toss it to /dev/null as it comes in, 
but I am on a broadband connection with a 10GB monthly limit and this 
traffic added onto my regular monthly traffic, is pushing me well over 
the 10GB mark and it is costing me money. For now, I have shut down 
sendmail externally just to stem the flow, but is there a solution for 
this? How can I prevent the delivery of these messages so that I don't 
get a traffic at all?  Or am I pretty much stuck with either tossing my 
domain name or shutting down mail services?

Any help or guidance appreciated!

More information about the freebsd-questions mailing list