Blocking Sender Host
We have a third-party that is spamming our server. A valid email address and domain of ours is being used as the send from and return path and it's being abused.
When viewing Mail Delivery Reports, the Sender Host is clearly identifiable as the bad actor, and in the headers of the emails it says it's sending to our valid email address "by" and then lists the bad actor's domain.
I've tried setting up exim with a deny_senders file containing both the full email address of ours that is being abused and *[bad actor's domain], but it doesn't appear to do anything. It was placed under Exim Configuration Manager -> Advanced Editor, under the setting acl_stmp_data -> custom_begin_outgoing_smtp_checkall -> deny senders = /etc/deny_senders
They are sending hundreds of thousands of emails daily. What can we do to stop this? Please help. This has been going on for days and has created lots of poor delivery rates for our legitimate emails.
-
Tips to the moderator: Instructing me on what I can and can't put in the post so that I can still get my question answered is far more helpful than just removing every single piece of useful information from my post. But thanks for looking out for sensitive information I guess. 0 -
Hello @boyd108 Would it be possible to repost the information but remove any identifying information such as IP addresses, hostnames and email addresses - the guidelines here are helpful to know what should and shouldn't be posted. Thank you, 0
Please sign in to leave a comment.
Comments
3 comments