andrew.casey@gmail.com wrote:
> Hi group,
>
> I have a new domain which i'm virtual hosting on my box. I have a few
> users setup on it and a catch all.
>
> The thing is, it looks like someone had the domain before me, and i'm
> getting swamped with spam to only two addresses - info@ and marcello@
>
> Is there any way I can reject e-mails to both of these addresses?
>
What do you mean by "reject"? If you mean respond with 550 reject
messages, that's a bad idea because the sender addresses are probably
forged.

As its only two known addresses that are getting the spam you could set
up a "dustbin" user to run procmail using a recipe that deletes all the
mail it receives by piping it into /dev/null. Use a .forward script in
the dustbin user to run procmail. Add entries to /etc/aliases to
redirect mail for "info" and "marcello" to the dustbin user. Don't
forget to run postalias after you've edited /etc/aliases.

If much of the spam is backscatter[1] it may also be worthwhile setting
up an SPF record for your new domain. See http://www.openspf.org/ for an
SPF description and http://www.kitterman.com/spf/validate.html for SPF
record test and validation tools.

[1] "backscatter" is spam sent to other domains with your address forged
as the sender, in this case info and marcello addresses in your domain.
Creating an SPF record suppresses backscatter if the target domain's MTA
is SPF-aware. Many are these days.


--
martin@ | Martin Gregorie
gregorie. | Essex, UK
org |