StorMan77

Q: Undelivered Mail Returned to Sender arriving 200 per hour

We have 2 users on our mail server who are receiving Mail Delivery System emails at the rate of around 200 or more per hour.  These are obviously emails they did not send.  Is it possible to stop these messages being sent by the server?

 

Is it possible that our server is sending out spams and how would I find out.  Looking at the SMTP server log these is no evidence of mass emails being sent.  Can someone else use your email address to send spams and then the real server will respond in this way and how do you stop that?

 

Appreciate any help, otherwise not sure what to do other than shut down the email server.

 

Configuration is Server 5.0.15 running on El Capitan 11.0.2

Mac Pro, OS X El Capitan (10.11.2), Server 5.0.15

Posted on Dec 9, 2015 4:24 PM

Close

Q: Undelivered Mail Returned to Sender arriving 200 per hour

  • All replies
  • Helpful answers

  • by Morphire,

    Morphire Morphire Dec 9, 2015 8:02 PM in response to StorMan77
    Level 1 (20 points)
    Dec 9, 2015 8:02 PM in response to StorMan77

    It sounds like you are dealing with something called backscatter. SPAM is sent out with your email address as the sending email (farmed from a compromised machine typically), then when the receiving mail server generates a non delivery report (NDR) because the SPAM is malformed or misdirected, you get the NDR because your email is listed as the sender. Some junk mail filters offer the ability to kill backscatter (mailcleaner comes to mind) but usually it is horrible for a few days and then tapers off to nothing after a week or so as the mail servers all send out the NDRs for that SPAM campaign. Most just tough it out if they don't have a junk filter in place.

     

    Kevin