How to disable spammer domain in QMAIL mail server with badmailto variable
I've recently noticed that one of the qmail SMTP servers I administer had plenty of logged spammer emails originating from yahoo.com.tw, destined to reach some random-looking (probably nonexistent) addresses, again at *@yahoo.com.tw.
The spam being attempted by the spammer is probably bounce spam, since it seems there is no web form or anything wrong with the qmail server that might be causing the spam troubles.
As a result, some of the emails from the well-configured qmail (holding SPF checks), having a correct existing MX and PTR record and even having Domain Keys (DKIM) configured, started being marked whenever legit emails are sent to *@yahoo.com.
To deal with the shits, since we don't have any Taiwanese (tw) clients, I decided to completely prohibit any emails destined to be sent via the mail server to *@yahoo.com.tw. This is done via the /var/qmail/control/badmailto qmail control variable.
Here is the content of /var/qmail/control/badmailto after banning outgoing emails to yahoo.com.tw:
qmail:~# cat /var/qmail/control/badmailto
[!%#:\*\^]
[\(\)]
[\{\}]
@.*@
*@yahoo.com.tw
The first 4 lines are default rules, which take care of a lot of commonly sent bad recipient addresses. Thank God, after a qmail restart:
qmail:~# qmailctl restart
....
Checking in /var/log/qmail-sent/current, there are no more outgoing emails destined to *@yahoo.com.tw. Problem solved ...
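
An added example (not part of the original post): shell helpers that add a badmailto line only once and count delivery attempts to one recipient domain in a qmail-send log, to confirm the block took effect. The function names and the sample log lines are constructed for illustration; the real control file and log paths are passed as arguments.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# the control file and log paths are passed in as arguments.

# Append a pattern to a badmailto-style control file unless that exact line
# is already there (-F fixed string, -x whole line), so re-runs add nothing.
add_badmailto() {
    pattern=$1; file=$2
    if grep -Fxq -- "$pattern" "$file" 2>/dev/null; then
        return 0
    fi
    printf '%s\n' "$pattern" >> "$file"
}

# Count remote delivery attempts to one recipient domain in a qmail-send log.
# qmail-send records each attempt as:
#   starting delivery N: msg M to remote user@domain
# The domain comparison is exact and case-insensitive, so yahoo.com does not
# match yahoo.com.tw.
count_remote_deliveries() {
    domain=$1; log=$2
    awk -v d="$domain" '
        /starting delivery [0-9]+: msg [0-9]+ to remote / {
            n = split(tolower($NF), parts, "@")
            if (n >= 2 && parts[n] == tolower(d)) hits++
        }
        END { print hits + 0 }
    ' "$log"
}

# Demo on constructed data: run the script with the argument "demo".
if [ "${1:-}" = "demo" ]; then
    tmp=$(mktemp -d) || exit 1
    # Constructed sample log lines (timestamps and addresses are made up).
    cat > "$tmp/current" <<'EOF'
@400000005f0000010a0b0c0d starting delivery 1: msg 1001 to remote ab12x@yahoo.com.tw
@400000005f0000020a0b0c0d starting delivery 2: msg 1002 to remote client@example.org
@400000005f0000030a0b0c0d status: local 0/10 remote 2/20
EOF
    : > "$tmp/badmailto"
    add_badmailto '*@yahoo.com.tw' "$tmp/badmailto"
    add_badmailto '*@yahoo.com.tw' "$tmp/badmailto"   # second call is a no-op
    echo "badmailto lines: $(wc -l < "$tmp/badmailto")"
    echo "yahoo.com.tw attempts: $(count_remote_deliveries yahoo.com.tw "$tmp/current")"
    rm -rf "$tmp"
fi
```

Running count_remote_deliveries against the log before and after the restart shows whether attempts to the blocked domain have actually stopped.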