Someone seems to be using my alan@ and arcterex@ email addresses to spam people, and I am
reaping the rewards in mail bounces. For the last couple of days I’ve gotten
about 66 bounces (that I have kept) and lots more I haven’t. Someone
selling dollar store stuff, and another that just shows up as a bunch of
image links (I haven’t bothered to and see what they actually are of
course). I don’t really know where it’s coming from. There doesn’t
seem to be any connection and sending of the email in my postfix
logs, only the recieving of bounces. I also occasionally see the
mail in the outgoing queue (normally stopped due to “host not found”
error messages). No “stop spamming me” or “!@#$@$^ you” messages though, so I’m wondering if it’s “real” spam (it looks like it). sigh
Update – Ah ha! I think I figured it out with the help of Tig. I have a mail server set up on arcterex.net for doing secondary MX services for all the domains that I have hosted on ufies.org. Because of this it allows “relaying” (not really). IE: You can send mail through arcterex.net with a from address of a domain that it’s doing secondary for (or naked.arcterex.net, the servers real hostname). So after seeing a message to an @staticred.net from @naked.arcterex.net I checked the mail queue over here, and found the offending messages sitting trying to send themselves out. This also explains how there were no connections on the ufies.org server, only bounces coming back.
Now to figure out if the connections are other servers or the origin of the spam itself. If the latter, the only solution is to nuke them from orbit (or beat them to death with a shovel).