iis setup help needed

Forum Moderators: open

Message Too Old, No Replies

iis setup help needed

spammers using our domain name as return address

malinkam

11:32 pm on Jul 4, 2008 (gmt 0)

Some spammers have been sending thousands of spam using our domain name as return address. Obviously we get all the bounce backs. What is the latest on protecting yourself against this? Should we disable catch all account? Is this a good idea?
Most of return addresses are:
blabla@ourdomain.com
blabla2@ourdomain.com
blabla3@ourdomain.com
etc, etc.

Thank you in advance

malinkam

11:33 pm on Jul 4, 2008 (gmt 0)

forgot to add, it's windows 2003 server, iis 6

pageoneresults

11:34 pm on Jul 4, 2008 (gmt 0)

Are they just "spoofing" the "From Address" or are they able to send out email from your domain? Two different things to discuss here.

malinkam

11:39 pm on Jul 4, 2008 (gmt 0)

sorry, spoofing

pageoneresults

11:42 pm on Jul 4, 2008 (gmt 0)

Nothing you can really do other than educate your customers on how the From address can be spoofed by anyone.

As long as you have SPF in place and you have other bases covered like not allowing SMTP Relay, you should be fine. I say "should be" because email these days is best left for the Professionals.

malinkam

11:44 pm on Jul 4, 2008 (gmt 0)

no, no spf has been setup, I guess that's a good start and I'll look into the smtp relay as well,

malinkam

11:44 pm on Jul 4, 2008 (gmt 0)

where's my manners, thank you.

Staffa

6:17 am on Jul 5, 2008 (gmt 0)

You might also want to disable your catch all account.
It will save you from having to deal with all the bounce backs and genuine people wanting to contact you will use either your site forms or any address you gave them any way.

dukelips

5:16 am on Jul 8, 2008 (gmt 0)

Only way to stop is to remove catch all account, we had this issue and after removing catchall . the problem stopped