[quote user="PaulW"]
If you are using MercuryS to receive mail, you can drop bad addresses with a 500 type error if you have 'Accept mail for invalid local addresses' unchecked in MercuryS configuration.
[/quote]
Been doing that for years. It doesn't stop the spammers who target mailing lists and maiser.
Mr. Spammer wants to target PaulW@YourDomain.com, so he sends an EMail to ListName@MyDomain.com spoofed to look like it came from you. You get back an error bounce that says "List is restricted and you are not a member", with the spam attached. I've just relayed spam to you for Mr. Spammer.
I posted this question because, while working on the server to try and get my earlier mailing list question sorted, I witnessed a connection to maiser, followed immediately by a series of spams targeting mailing lists, some coming from the same IP as the maiser connection and some targeting the same fake EMail used. When I hid all of the mailing lists, I later witnessed spam being relayed by targeting maiser@, which was returning an error to the effect of "not a valid command" with the spam attached. It's absolutely clear to me that someone has written a bot to search out and target Mercury servers to relay spam for them in this way.
When I looked at the MercE log, I was appalled. I was sending more "error bounces" (i.e. spam) than legitimate EMail.
After posting this question I got fed up and created a couple general
rules that search the body for certain phrases in the error bounces,
and move them to user "Spam" if found, but that's not ideal. It kills
all error bounces, even for local users. I'd rather live with that for
now than the alternative.
[quote user="PaulW"]<p>If you are using MercuryS to receive mail, you can drop bad addresses with a 500 type error if you have 'Accept mail for invalid local addresses' unchecked in MercuryS configuration.</p><p>[/quote]</p><p>Been doing that for years. It doesn't stop the spammers who target mailing lists and maiser.</p><p>Mr. Spammer wants to target PaulW@YourDomain.com, so he sends an EMail to ListName@MyDomain.com spoofed to look like it came from you. You get back an error bounce that says "List is restricted and you are not a member", with the spam attached. I've just relayed spam to you for Mr. Spammer.</p><p>I posted this question because, while working on the server to try and get my earlier mailing list question sorted, I witnessed a connection to maiser, followed immediately by a series of spams targeting mailing lists, some coming from the same IP as the maiser connection and some targeting the same fake EMail used. When I hid all of the mailing lists, I later witnessed spam being relayed by targeting maiser@, which was returning an error to the effect of "not a valid command" with the spam attached. It's absolutely clear to me that someone has written a bot to search out and target Mercury servers to relay spam for them in this way.
When I looked at the MercE log, I was appalled. I was sending more "error bounces" (i.e. spam) than legitimate EMail.&nbsp;</p><p>After posting this question I got fed up and created a couple general
rules that search the body for certain phrases in the error bounces,
and move them to user "Spam" if found, but that's not ideal. It kills
all error bounces, even for local users. I'd rather live with that for
now than the alternative.</p>