<snip>

[edited by: trillianjedi at 3:05 pm (utc) on Dec. 5, 2006]
[edit reason] Specifics are not required, thanks.... [/edit]

<snip>

apparently they have quite a wide network of IPs and bandwidth

[edited by: trillianjedi at 3:05 pm (utc) on Dec. 5, 2006]

you can use mod_rewrite to redirect the request to some other url which might be useful for the purpose based on a request header value.

please see this:
[httpd.apache.org...]

mod_rewrite is for web access, this is email

Someone sent me some interesting info about <snip> on <snip>

[edited by: amznVibe at 2:22 pm (utc) on Dec. 5, 2006]

[edited by: trillianjedi at 3:03 pm (utc) on Dec. 5, 2006]
[edit reason] No specifics please ;) [/edit]

Do you have a catchall account setup? At one point I had one, and one christmas I had my server fill up with 30,000 emails (which made it go slow) I have since removed the catchall account. I still get spam but only spam to email accounts that exist. I am using exchange 2003.

Let's not name names here, please. Our TOS refers and the specifics are not required.

Thanks,

TJ

You may take a closer look on that mail spam.
Is it spam for company XYZ or in their name (may be a joe-job?) -- or does it really originate from IP addresses belonging to them? Or from arbitrary random IP addresses?
If it is originating from *their* IP addresses, then identify their IP address ranges and block entire ranges, not just single addresses.
If you can find those IP addresses listed on SORBS or SPAMHAUS or other RBLs, then let your mailserver use these RBLs. If they originate from a network of zombified spam bots on enduser dial-up addresses, then use a DUL RBL.
Depending on your specifics, this may help a lot -- or not.

Kind regards,
R.

What is the call to action in the spam? That is your clue to identifying the spammer, which may or may not be who they appear to be on the surface.

If they want you to go to a web site, check the URL carefully. Does it go to the site it claims to be? Use WHOIS to see if it really belongs to the company they are claiming to be. Check for affiliate codes in the URL. Do they want you to call a phone number? There are reverse-number directories.

If there's an affiliate code, contact the company and tell them that one of their affiliates is spamming.

If they've set-up a fake site using similar name, etc. also contact the company they are faking - their legal department has better resources than you do, and an interest in making them stop.

If there is a phone number, it is almost certainly the number to a third-party call center, 900-program operator, etc. They generally don't want the liability of being associated with spam, and can bring pressure on the spammer or even cut-off their phone service.