RE: what to do about joe-jobs?

Speaking of joe-jobs, what's the "proper" proceedure

for >dealing with such? The company I work for is
currently >undergoing an admitedly minor joe-job.
(about 300 or so >bounces that I've seen since mid last
week or so.)

Any suggestions for dealing with this?

What domains are you seeing the joe-jobs from? We see
alot of joe jobbing attacks from the large webmail
providers eg.,,,, etc. A promising response that we've been
following is Sender Permitted From
. It's basically a reverse RBL. The owner of a domain
identifies ip's that are allowed to send mail for that
domain in a TXT DNS record. The rest are tagged with a
wildcard deny or probably softdeny initially. If, etc alone just added the DNS
records, we'd all be able to identify joe-jobbers of
these domains. It won't help their own spam situation
but it'd help our massive attacks of spoofed email.
Spammers seem to use these big providers since blocking
all of or is tough for other