It's around 1pm on 3/23 - in the last 12 hours, I've recieved over 500 pieces of spam mail, all with identical Received from: headers:
Received: from hans.net (dial-bu-185-234.wcnet.org [22.214.171.124])
by plunder.dreamhost.com (Postfix) with SMTP id 399DC863E2
for firstname.lastname@example.org; Tue, 23 Mar 2004 12:51:23 -0800 (PST)
Date: Tue, 23 Mar 2004 15:52:13 -0500
Subject: Re: Document
What I'd like to be able to do is turn on (or turn off) the ability for someone to send email to any address at my domain - you'd have to have an actual address, you couldn't just use [anything]@mydomain.com to get email through. I have Razor set up but it's just not catching these.
I suspect this is a deliberate target as the addresses that are being spoofed as the return addresses come from a usenet newsgroup I frequent.
I have contacted the spam and abuse and postmaster aliases at the wcnet.org and hans.net domains as well.
Any help or advice welcomed.