Marketing_Insists

Spam to erroneous addresses gets delivered to closest match

Users are getting spam that is not even directed at them.
i.e., the spam will be sent to safgrt@mydomain.com, obviously a made-up name, but it will be delivered to the inbox of sandra@mydomain.com.

It seems to be routing mail to whatever user name is closest (though I noticed at least once the To: field was not even close; this may, in fact, be the norm).

I can't duplicate the problem, as when I try something similar, I get a normal delivery failure message.

Do you know what is happening?
Marketing_Insists

ASKER

BTW, this is a Domino 6.5 environment.
The bounce back I got was handled by a primary gateway Domino server, not mine where the spam is getting sent to.

Also, the spam is of content that should DEFINITELY be getting caught by spam filters at the gateway, so I'm wondering if a PC on the inside has been zombified.

Anti-spam filters should do all these steps.
See whether it is updated with the new version.
And what type of anti-spam software are you using?
SOLUTION
twizted_teck
This solution is only available to members.
Here's another good link to get started in fighting spam.

http://www-128.ibm.com/developerworks/lotus/library/ls-AntiSpamND6/index.html
ASKER CERTIFIED SOLUTION
This solution is only available to members.
qwaletee

If the To fields of the ENVELOPE and MESSAGE CONTENT headers don't match, can the mail be blocked by Domino itself?
(Spam filtering we have, but I have no control over updating or improving that particular arena. I might have to look into it though anyway on my site, maybe a freebie like SpamAssassin.)

Also, how can I see the SMTP headers in Lotus?
By looking at the document properties, it would appear as if they have been stripped by half a dozen email routers and servers between my server and our gateway.

There's no direct way to see the envelope headers. If you enable Message Tracking, then much of that info is recorded in a basic message log. I believe you can also turn on some router debugging settings so that the SMTP conversations get recorded in the regular Notes log, but there would be so much garbage in there, it would not be worth it (it would be mixed in with all the other log messages). If you have a basic SMTP server sitting on the internet that relays to your Domino server (a smart setup anyway, for securing an inside Domino server), you can probably get it to log more usefully.

You would not want to turn off the ability to deliver mismatched envelope/message headers, because the same mechanism is frequently used for forwarding on the internet, for BCCs on the internet, and for internet mailing lists. I'm not sure there's a way to get Domino to do this anyway, though again, with an external SMTP server "fronting" the Domino server, this may be possible.

I would suggest getting some sort of antispam solution in place. You can start out with the Domino-specific free one, kSpam, at http://OpenNTF.org

Thank you! No resolution yet, but very helpful information. Need to get my own anti-spam solution, it looks like.
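
The envelope/header distinction discussed in this thread, as an added example that is not part of any post: the Python below parses a client-side SMTP transcript (the kind a fronting relay could log) and shows that delivery follows `RCPT TO`, not the `To:` header the mail client displays. The transcript and the sender.example names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed client-side SMTP transcript, as a fronting relay might log it.
# The mydomain.com addresses are from the question; everything else is made up.
SESSION = """\
MAIL FROM:<bounce@sender.example>
RCPT TO:<sandra@mydomain.com>
DATA
From: Offers <offers@sender.example>
To: safgrt@mydomain.com
Subject: constructed sample

Body text.
.
"""
ADDR = re.compile(r"<([^>]*)>")

def parse_session(text):
    """Return (envelope dict, parsed message) from client-side SMTP lines."""
    envelope, data, in_data = {"mail_from": None, "rcpt_to": []}, [], False
    for line in text.splitlines():
        verb, m = line.upper(), ADDR.search(line)
        if in_data and line == ".":          # a lone dot ends DATA
            in_data = False
        elif in_data:                        # undo dot-stuffing (RFC 5321 4.5.2)
            data.append(line[1:] if line.startswith(".") else line)
        elif verb.startswith("MAIL FROM:") and m:
            envelope["mail_from"] = m.group(1)
        elif verb.startswith("RCPT TO:") and m:
            envelope["rcpt_to"].append(m.group(1))
        elif verb == "DATA":
            in_data = True
    return envelope, message_from_string("\n".join(data))

def header_recipients(msg):
    """Addresses the mail client displays (To and Cc headers), lower-cased."""
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {addr.lower() for _, addr in getaddresses(fields) if addr}

def explain_delivery(text):
    """Pair each envelope recipient with whether any header names it."""
    envelope, msg = parse_session(text)
    shown = header_recipients(msg)
    return [(rcpt, rcpt.lower() in shown) for rcpt in envelope["rcpt_to"]]

if __name__ == "__main__":
    print(explain_delivery(SESSION))
```

A `False` in the result marks a recipient who received the message only because of the envelope, which is also how BCC, forwarding and mailing-list deliveries look.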