Web Hosting Talk

Spammers mail bouncing back to my server


UpAllNight
12-29-2005, 01:06 AM
My server is getting pounded with thousands of emails per hour that are bounces from a spammer. The spammer is using bogus email addresses from 2 domains on the server in the spam they are sending out. The 2 domains are mine so I know it's not someone sending it out from my server.

All of the bounces from their spam are returning to me. I actually created accounts for a couple of the email addresses they have been using and checked the headers in some of the emails. Looking at the IPs in the emails, they appear to be originating from all over the world.

The spam message appears to be trying to pump up a California company's stock:

Reynaldo's Mexican Foods (RYNL)

Anyone have any ideas on what I can do about this? It's killing my server and I hate to see what my bandwidth costs are going to be.

Thanks,
David

ByteMaster
12-29-2005, 02:48 PM
With a bit of investigating, find Reynaldo's Mexican Foods address and email address. Phone too. Call them. Email them. Forward all of the emails to them. And I do mean ALL of them :)

oneavenue
12-29-2005, 02:58 PM
We had the same issue with a client server. Check for phpBB on the server; the spammer used the forum to send out the junk, so it all began to bounce back to the server. They leave a file called --> .!! It allows them to come back anytime and ruin your day.

Good luck

UpAllNight
12-29-2005, 06:26 PM
Thanks, but I believe all of the emails are being faked. There are no forums running on either web site. When I look at the email headers it shows different IPs with the fake email account names.

Also, I did call Reynaldo's Mexican Food. They said it wasn't their problem and offered no help or suggestions.

azimpact
12-29-2005, 06:49 PM
There is your answer: forward all the email to their addresses to them and make it their problem.

UpAllNight
12-29-2005, 07:41 PM
That would be good. The guy I spoke with didn't seem too distressed about the fact that someone was spamming to promote their stock. But, as much as I think they deserve them, I'm a bit concerned about the spam sword being turned on me for forwarding them.

HostRefugee-Vince
12-29-2005, 08:09 PM
I got the Reynaldo's Mexican Foods (RYNL) spam on one of my email accounts. After looking at it I highly doubt Reynaldo's has anything to do with it. The format of the email follows the same format as several other spams I receive per day promoting different penny stocks.

I think how this works is the spammer invests in these companies, spams them like crazy until the stock price rises, and then takes a profit and moves on to the next company.

gate2vn
12-29-2005, 08:48 PM
Something like a dictionary attack. Do you have many exim connections from ps aux like this?
/usr/sbin/exim -Mc 1EotH3-0004wC-RL
/usr/sbin/exim -Mc 1EotH3-0004wC-RL
/usr/sbin/exim -Mc 1EotGt-0004lq-8h
/usr/sbin/exim -Mc 1EotH9-00050z-TH

Changing the default receiver of the attacked domains to :fail: can help.
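
An added example (not code from any poster in this thread) that sorts messages by the signal discussed above: a null Return-Path combined with a recipient that is not a real mailbox on the spoofed domain. The domains, mailbox names and sample messages are constructed, and the "refused" count assumes the server verifies recipients at SMTP time, so that a :fail: default address turns unknown users away instead of accepting their mail.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

# Assumption: the real mailboxes on the two spoofed domains (placeholder names).
REAL_MAILBOXES = {"example.com": {"david"}, "example.org": {"info"}}

# Constructed sample messages (headers only), not taken from the thread.
SAMPLES = [
    "Return-Path: <>\nTo: qx7rt@example.com\nSubject: Undelivered Mail Returned to Sender\n\n",
    "Return-Path: <>\nTo: bz19k@example.org\nSubject: Delivery Status Notification (Failure)\n\n",
    "Return-Path: <>\nTo: david@example.com\nSubject: Mail delivery failed\n\n",
    "Return-Path: <friend@example.net>\nTo: david@example.com\nSubject: lunch\n\n",
    "Return-Path: <news@example.net>\nTo: typo@example.org\nSubject: newsletter\n\n",
]

def classify(raw):
    """Return (verdict, recipient) for one raw message."""
    msg = message_from_string(raw)
    # Bounces (DSNs) are sent with an empty envelope sender, recorded as "<>".
    null_sender = msg.get("Return-Path", "").strip() == "<>"
    # A bounce is addressed to the forged sender of the original spam.
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    local, _, domain = rcpt.rpartition("@")
    known = local in REAL_MAILBOXES.get(domain, set())
    if null_sender and not known:
        return "backscatter-unknown-user", rcpt
    if null_sender:
        return "bounce-real-user", rcpt
    return ("normal" if known else "unknown-user"), rcpt

def summarize(messages):
    """Count verdicts and how many messages a :fail: default would refuse."""
    verdicts = Counter(classify(m)[0] for m in messages)
    # Anything addressed to a non-existent local part is refused by :fail:.
    refused = verdicts["backscatter-unknown-user"] + verdicts["unknown-user"]
    return verdicts, refused

if __name__ == "__main__":
    verdicts, refused = summarize(SAMPLES)
    for name, count in sorted(verdicts.items()):
        print(f"{name}: {count}")
    print(f"refused by a :fail: default address: {refused} of {len(SAMPLES)}")
```

Bounces addressed to a real mailbox are not stopped by recipient checks, which is why they are counted separately here.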