Koozali.org formerly Contribs.org

spam geting trough everyone@mydomaine.com

spam geting trough everyone@mydomaine.com
« on: November 27, 2007, 09:44:12 AM »
even if in documentation pseudonym everyone say that is is available only on local network some how spam is invading all of my mailbox's through it

please help me change the everyone pseudonym in to something Else


Thank you

Offline mmccarn

  • *
  • 2,557
Re: spam geting trough everyone@mydomaine.com
« Reply #1 on: November 27, 2007, 04:43:56 PM »
The spam should be caught by SME's spam filtering technologies - even if (especially if) the email address being used actually exists.

SME does not enable any of the really effective spam fighting subsystems by default - the aim being to let you make sure your email works before turning on the spam filtering.

If you haven't yet done so, I would strongly recommend following the directions from one of the links below to configure spam filtering on your server:
* http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning
* http://www.sonoracomm.com/index.php?option=com_content&task=view&id=49&Itemid=32

I am a great fan of Bayesian filtering combined with the 'LearnAsSpam.pl' and 'LearnAsHam.pl' scripts described here:
* http://bugs.contribs.org/show_bug.cgi?id=1701

If you actually delete the everyone group you may cause problems with other SME systems. 

You can make the 'everyone@' address invisible to external mail servers using
Code: [Select]
db accounts setprop everyone Visible internal
signal-event email-update

If 'everyone@' is already set to 'Visible=internal' and you're receiving email for all users that looks like its addressed to 'everyone@...' then I can think of 3 causes:
* You have an internal system infected with a spam relaying virus of some sort
* The spams are actually BCC'd to each user, and To: everyone@... in order to confuse you
* Something is not kosher on your server - you may have customized /etc/e-smith/templates/var/qmail/control/badrcptto/10blockVisibleInternal, or you may have installed some contrib that modifies the SME email behavior, or you may have specified "0.0.0.0/0" as a "local network" (which would invalidate the 'Visible=internal' setting and make your SME server an open relay)