Spam mail .. need help

hcl-bot · December 24, 2008, 1:51am

hi all,

One of our user getting spam continuously from one site

hi mail id is kk@tt.com and the thing is that the mail also coming from the same kk@tt.com including one picture, if i click the picture it will go to one site. we are using postini as a spam control ,and i blocked that site. but again the mails are coming and every time it will redirect to the same site with different different domain name. how can i block this…

thanks in advance

veena Mriay john

hcl-bot · December 24, 2008, 2:49am

Subject: Spam mail … need help

Check the senders details and you can take from there the originators domain name so you can block the specific domain on domino server also.

hcl-bot · December 24, 2008, 8:02am

Subject: Spam mail … need help

In the configuration document for your mail server:

Router/SMTP>Restrictions and Controls>SMTP Inbound Controls

Under ‘Inbound Sender Controls’, add your internet domain (e.g. tt.com) to the ‘Deny messages from the following internet addresses/domains:’ field

hcl-bot · December 24, 2008, 8:42am

Subject: RE: Spam mail … need help

Stuart:

While that is an excellent idea, the only problem I see with it is if you have users sending mail from other sites that require them to put in their e-mail address. Example: Mailing news reports from CNN.com to people inside of tt.com. It may also apply to your own sites, too. In these cases, the mail would be blocked.

Gregg

hcl-bot · December 24, 2008, 1:13pm

Subject: RE: Spam mail … need help

Hi Greg,

I find that blocking mail where your own domain name has been spoofed as the sending address blocks a fair amount of spam. I think it is becoming a more popular technique among spammers.

It is true that there can be some inconvenience such as the examples you describe, but I would argue that there is no good reason why mail with my return address should be inbound to my mail domain. If mail is coming from cnn.com, it should say so in the ‘from’ address.

BTW, I first started using this technique after reading about it in Chris Linfoot’s blog (http://chris-linfoot.net/d6plinks/CWLT-6R8P9S)

sb

hcl-bot · December 24, 2008, 9:43am

Subject: Spam mail … need help

Since the connection comes from Postini, you can’t block it. Since the message spoofs the sender, you can’t block it.

Call Postini. If you are paying them for anti-spam processing, and there is one message that they are consistently missing, then they need to know about it.

hcl-bot · December 26, 2008, 12:30am

Subject: RE: Spam mail … need help

thank you all