Dealing with open relay spam / hack attempts?
Seems my mail server was acting in open relay mode. I fixed it, and deleted all the junk mail that had been forced into our system.
Today, another message was held in the system because it was a relay message which I am now not allowing. I forced this message to go into my inbox rather than the email address it was intended to be relayed to. Upon opening it, I see that it is an advertisement for a weight loss pill. Well, checking my router and firewall logs, I see it appears to have come from a certain IP addy that traces back to Rome, Italy. The business mentioned in the email is from Dayton, OH. Upon further examination, the email has two receive headers, one pointing to Rome, Italy, the other pointing to an ISP in Dayton, OH. I am assuming that the origin was Dayton, OH with a spoofed IP tracing back to Rome, Italy.
What do I do? Call up this business and curse them? Call their ISP (Qwest) and get mad? Call our lawyers and sic them on this Dayton OH business? Call the police?
Thanks,
ORDB.org was who clued me in on my open relay...
...so I've already checked them out, fixed my prob, and got off their blacklist.
What I have is a company who tried to bounce spam off my system, but didn't succeed since it's no longer an open relay.
I have the company name, address, phone number, ISP, offending IP addy, and router & firewall logs showing a spoofed IP that is shown on the same email that the company's IP is on.
What do I do?
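For the two Received headers described in the first post, the following is an added example (not part of the original thread) that lists the hops of a message and marks which ones were recorded by your own mail server. Each server prepends its own Received line, so only the lines written by your server can be checked against your router and firewall logs; the sample message, host names and addresses are constructed placeholders.

```python
import email
import ipaddress
import re

# Constructed sample: every host name and address below is a placeholder
# (RFC 5737 documentation ranges), not data from the thread.
SAMPLE = """\
Received: from relay.example.net (unknown [203.0.113.45])
\tby mail.mycompany.example with ESMTP id ABC123;
\tMon, 01 Jan 2001 10:00:05 -0500
Received: from pc17 (dsl.isp.example [198.51.100.7])
\tby relay.example.net with SMTP id XYZ789;
\tMon, 01 Jan 2001 16:00:01 +0100
From: "Diet Offers" <sales@shop.example>
To: someone@elsewhere.example
Subject: Lose weight fast

body text
"""

HOP_RE = re.compile(r"from\s+(\S+)\s+\(([^)]*)\)\s+by\s+(\S+)")
IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def received_hops(raw):
    """Return hops newest first; each server prepends its own Received line."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP_RE.search(value)
        if not m:
            continue
        found = IP_RE.search(m.group(2))
        try:
            ip = str(ipaddress.ip_address(found.group(1))) if found else None
        except ValueError:
            ip = None  # bracketed text was not a valid address
        hops.append({"helo": m.group(1), "ip": ip, "by": m.group(3).lower()})
    return hops

def classify(hops, my_hosts):
    """A hop is verifiable only while the chain was written by our servers."""
    result, ours = [], True
    for hop in hops:
        ours = ours and hop["by"] in my_hosts
        result.append((hop["ip"], hop["by"], ours))
    return result

if __name__ == "__main__":
    for ip, by, ours in classify(received_hops(SAMPLE), {"mail.mycompany.example"}):
        print(ip, "logged by", by, "->", "our own record" if ours else "unverified")
```

Pass the host names your own mail servers use in their `by` clause as `my_hosts`; any hop below the first line not written by one of them is text supplied by the sending side.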