Story: a friend of mine (Josh, also an empeg owner) and i run a small hosting biz, logjamming.com. Mail is getting backed up, the queue is huge, and delivery sometimes takes forever.

The problem is, spammers are getting emails to be accepted by the server we'll call it foo.com) by addressing them like so : spamvictim%[email protected]. This occurs even with all relaying totally turned off.

These messages are accepted by the qmail initially and added to the queue, but then they are rejected when it tries to send them. This causes a bounce message to be sent to the forged reply-to on the spam, which then itself bounces...

The net effect is emails build up in the queue, making the server very slow.

I've also heard if you close the "hole" in qmail that allows the spamvictim%[email protected] emails to be added to the queue, various "anti-spam" services will then register you as a spammer, since they use that technique to test for spammers.

We've blocked many IPs, but are wondering how to clear the queue and also how to prevent this from happening again. Also, what spam-filtering software works best with qmail?

Anyone a qmail expert? Any and all help MUCH appreciated.

http://qmail.plig.org/top.html

The mailing list archives:

http://www.ornl.gov/its/archives/mailing-lists/qmail/


I think you have it backwards about the relay probes. If you want to reject things with % in, I think you need Russ Nelson's patch: http://qmail.plig.org/qmail-smtpd-relay-reject

As for emptying the queue, http://www.faqts.com/knowledge_base/view.phtml/aid/6567/fid/286/lang/en

I don't know about spam filtering, but I'm going to have a play with SpamAssassin this weekend -- I'm rebuilding my webserver (which runs qmail).