I can live with some spam in our environment. Many of our users bring it on themselves with the sites they visit that collect their e-mail addresses. We've put most of the built-in Domino 6.5 controls in place (anti-relay, a single blacklist and refusing mail from domains that don't exist on DNS). We've also turned on the "verify local domain recipients," which has cut down on dead spam.
Now for the kicker -- I occasionally still get mail (in MY mailfile, not mail.box) addressed to a non-existent internal address. The document properties don't show my address anywhere. It's like a BCC that is even blind to the recipient. Any ideas on how they manage the address end-around? Furthermore, how can I block it beyond refusing the bad address it has already bypassed? Thanks.
QUESTION POSED ON: 16 SEP 2004
QUESTION ANSWERED BY: Andrew Pollack
The first thing I'd do is take a look at the whole, original message. Open the message and use "View -- Show Source" to look at the headers. Often, the spammer will use an encoded name format normally set up to show your "real name" instead of your e-mail address. Example: "Some Name" memail@mydomain.com -- now, if it's done that way, sometimes they won't use any kind of matching pairs.
Also, I know I see mail sometimes that comes in with a similar but not exact match to my name. This could be Domino using "Soundex" to determine based on sibilants and other such arcane linguistics whom is the intended recipient is.
I'd love to see the original message and take it apart -- copy the document into a blank Notes database so I have the whole thing, and mail it to me.
|
|
|
