I am a reseller. My client is getting floods of MAILER-DAEMON@@ failure notices. Please help me stop them.
Note… this is not just a question of why the email is bouncing… pretty obviously the result of RELENTLESS spoofing. These are not referencing messages that the client is actually sending (that we know of), and all of the failure/bounce messages are related to the same attempted recipient... for here I call it [email protected] which is NOT a recipient known to my client.
He has received HUNDREDS of the bounce messages over the last couple weeks, and I cannot find a way to stop or block them.
Failure notice with full headers below…. (i replaced the real addresses with "[email protected]" and "outsidedomain.com")
Return-Path: <>
Delivered-To: [email protected]
Received: (qmail 24779 invoked for bounce); 1 Jul 2008 15:43:35 -0000
Date: 1 Jul 2008 15:43:35 -0000
From: MAILER-DAEMON@@
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="1214927015@1450606"
Subject: failure notice
--1214927015@1450606
Hi. This is the qmail-send program at @.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<steveng@<outsidedomain>.com>:
208.65.144.13 does not like recipient.
Remote host said: 551 Sender is on domain's blacklist (Mode: normal)
Giving up on 208.65.144.13.
--- Enclosed are the original headers of the message.
--1214927015@1450606
Content-Type: message/rfc822
Return-Path: <[email protected]>
Received: (qmail 24766 invoked by uid 399); 1 Jul 2008 15:43:35 -0000
Received: from unknown (HELO client) ([email protected]@38.98.76.86)
by mail.m****here.biz with ESMTPAM; 1 Jul 2008 15:43:35 -0000
X-Sender: [email protected]
From: "client" <[email protected]>
To: "'Steven Gurowitz'" <[email protected]>
Subject: Read: CONTACT INFORMATION
Date: Tue, 1 Jul 2008 11:41:29 -0500
Message-ID: <01ed01c8db99$50433480$6501a8c0@client>
MIME-Version: 1.0
Content-Type: multipart/report;
report-type=disposition-notification;
boundary="----=_NextPart_000_01EE_01C8DB6F.676D2C80"
X-Mailer: Microsoft Outlook, Build 10.0.6626
In-Reply-To: <31824BA174B3E04398754E4BE037DFCA01FA95C6@STEVENG01.outsidedomain.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807
(Body supressed)
--1214927015@1450606--
Note… this is not just a question of why the email is bouncing… pretty obviously the result of RELENTLESS spoofing. These are not referencing messages that the client is actually sending (that we know of), and all of the failure/bounce messages are related to the same attempted recipient... for here I call it [email protected] which is NOT a recipient known to my client.
He has received HUNDREDS of the bounce messages over the last couple weeks, and I cannot find a way to stop or block them.
Failure notice with full headers below…. (i replaced the real addresses with "[email protected]" and "outsidedomain.com")
Return-Path: <>
Delivered-To: [email protected]
Received: (qmail 24779 invoked for bounce); 1 Jul 2008 15:43:35 -0000
Date: 1 Jul 2008 15:43:35 -0000
From: MAILER-DAEMON@@
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="1214927015@1450606"
Subject: failure notice
--1214927015@1450606
Hi. This is the qmail-send program at @.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<steveng@<outsidedomain>.com>:
208.65.144.13 does not like recipient.
Remote host said: 551 Sender is on domain's blacklist (Mode: normal)
Giving up on 208.65.144.13.
--- Enclosed are the original headers of the message.
--1214927015@1450606
Content-Type: message/rfc822
Return-Path: <[email protected]>
Received: (qmail 24766 invoked by uid 399); 1 Jul 2008 15:43:35 -0000
Received: from unknown (HELO client) ([email protected]@38.98.76.86)
by mail.m****here.biz with ESMTPAM; 1 Jul 2008 15:43:35 -0000
X-Sender: [email protected]
From: "client" <[email protected]>
To: "'Steven Gurowitz'" <[email protected]>
Subject: Read: CONTACT INFORMATION
Date: Tue, 1 Jul 2008 11:41:29 -0500
Message-ID: <01ed01c8db99$50433480$6501a8c0@client>
MIME-Version: 1.0
Content-Type: multipart/report;
report-type=disposition-notification;
boundary="----=_NextPart_000_01EE_01C8DB6F.676D2C80"
X-Mailer: Microsoft Outlook, Build 10.0.6626
In-Reply-To: <31824BA174B3E04398754E4BE037DFCA01FA95C6@STEVENG01.outsidedomain.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807
(Body supressed)
--1214927015@1450606--
