On the billbuchan.com and HADSL servers, we switched a while ago to using Postini for anti-spam. Till a week ago, I cursed it on a regular basis - it was letting in hundreds of spams a day. Nasty. I then found out that I hadnt configured it properly... So what had I screwed up?
On one server, I have 40+ domains, and on another only one. So no commonality there. What I had assumed was that ONLY the internet addresses specifically mentioned on the Postini user records actually let mail through. Thats not the case. Should the Postini server be able to deliver mail to a target address on your server, then it counts that as a success. If it doesnt have a user record for that entity, it does NO anti-spam processing on it, and passes it through. (It should be borne in mind that we host our servers on Prominic, and they have set up the master Postini account. In this case, they dont have the 'Create a new user record for new addresses' set ON. And even if they did, that would be a bad idea... ;-) ). I found that the various spam messages were using variations on my name and eMail address - which Domino resolves correctly, and therefore accepted those addresses. Also - things like the 'postmaster' and 'abuse' eMail addresses have to be defined somewhere. If domino doesnt know how to resolve those, it'll send it to the administrators defined for that particular server - so usually LocalDomainAdmins.
Once I had got that idea through my rather dense head (And thanks again to the support guys at Prominic for being so tolerant of my dumb questions), all I had to do was to add a few aliases for my account, and hey presto! The spam disappeared. Not difficult to do.
What the underlying problem was of course is a common one we see in all our environments. Sometimes we slap in systems without fully understanding them, and then dont have the time to go back and fix the issues. I'm glad I spent a few hours doing this, as now my BlackBerry doesnt buzz every 10 minutes, annoucing yet another Viagra ad.
The whole spam thing just irritates me. A bunch of manufacturers release SMTP interfaces for their products, and by default they are open relays. Idiots. No finger pointing here, as in the early days, most folks did that. And an open relay means that I can bounce mail off that server using any damn eMail address that I like. I hope we get to the point where ISP's check outgoing eMail for spam, implement sane and free maximum numbers of eMails on user accounts, and SMTP as a protocol finally grows up from its trusting, hippy youth in the sixties so we can all start using eMail properly again.
I'll leave the last word on this to the userFriendly.org cartoon: