-> some luser off of AT&T DIalup is using mailme.com (my domain) for relaying
-> Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net
-> He is sending thousands of emails to AOL users, who is then bouncing them
-> to me.
-> Thinking about this, there is no solution; here are my options:
-> 1) blackhole AT&T, which does nothing, since the mail is bounces coming
-> from AOL.
-> 2) blackhole AOL, which would fix my attack, but would break all
-> legitimate mail from/to AOL.
-> 3) temporarily blackhole mailme.com, which would prevent me from getting
-> the bounces, but then I can't send/get legit mail.
4) Deny relaying, which sendmail 8.9.1a will do by default (has worked
great for us so far), and
5) Deny access to dial-access.att.net (and dialsprint.net, da.uu.net,
pub-ip.psi.net, etc) which is what we're doing here just because we
get so much spam directly from such dialup accounts these days.
Anyone have a list of legitimate outgoing SMTP servers for the big dialup
companies (UUnet, PSI, Concentric, AT&T, Sprint, etc)? So far I haven't had
any complaints about blocking stuff like da.uu.net, but I'd like to make sure
that legitimate email can still get through.