Spam Originating Within Domain

[jaryd]

Hello All,

I am currently running a Sendmail Version 8.13.8 mailserver with spamassassin on a Debian 4.1 VM. Recently I have run into issues with spam bots connecting to my SMTP service and sending my users spam messages. They cannot relay out to other domains, but have no trouble sending messages within my domain.

I have tried enabling SMTP authentication but this breaks my receipt of incoming mail.

I am hoping that there is something simple here that I am missing -- have any of you experienced this problem?

Thanks for your time!

[scathefire]

you running spam assassin?

i'm afraid spam is a way fo life on the internet. SMTP AUTH won't work for incoming mail. Think about it: every single mail server would have to authenticate, including the legitimite ones. how is that suppose to work? it won't. in a perfect world it would, but alas i don't think i will ever see it happen.

what type of spam is it? solicitation? back-scatter?

if you are running spamassassin, maybe you should also give mailscanner a try it can help you control the problem.

[jaryd]

The spam is mostly pornographic, or trying to convince me to order mail-order russian brides =)

I am running spamassassin.. Can mailscanner run on top of that?

[scathefire]

Mailscanner kind of bundles it all together (virus scanner, file-type filter, spam assassin, etc.). Once you get it up and running and you can really get your shine on with a web interface for it all like Mailwatch.

You can give users logins, and they can apply their own personal filters, release mail that has been quarantined, etc. Takes a lot of the headache out of email administration.

But if that seems like killing a fly with a sledgehammer perhaps you should try the following:

- adjust your spam assassin score (say lower it to 5 from 7 or whatever)
- run sa-learn against the spam email. don't forget you will need at least as many ham emails. sa-learn helps spam assassin learn what is spam and what is not.