I'm not sure if this is a problem I can fix or not, but it appears that someone is able to spam through some of the general email addresses on my FreeBSD server. I received an email from the webmaster@mydomain.com, saying basically that my account was going to be suspended, etc... No one else would be using this account, but I have noticed the problem with other general accounts such as sales@mydomain.com, support@mydomain.com, etc... The emails are all bogus and come with attachments that have supposedly been scanned by a bogus virus company. Any suggestions to track down the problem and/or fix it would be appreciated. I am running FreeBSD 4.9 with SpamAssassin for spam filtering.

Thanks

Which MTA are you using: sendmail, postfix, qmail? In short, you need to make sure that no one from inside your network is using your network to spam, but mor important, you need to see to it that no one can relay messages through your site. A google search will give way more information that you care to read on how to solve this situation.

Cheers--
Charles

Sorry, I am running exim 4.X. I have inherited most of the configuration done on this server from the previous admin, so I am learning most of these things for the first time. In the config file for the exim, it has a line for the "hostlist relay_from_hosts" that contains the ip addresses of our customers, plus it also contains "*.def.com" and "def.com". Would these two entries cause the spoofing/relaying problem, that was mentioned before? The way I would understand it, is that those last two entries would allow anyone who says they are *@def.com to send mail through our server. Is this correct or am I barking up the wrong tree?


Thanks