Steve Kemp <edlug@xxx.xxx.xxx> writes: <snip> > I know that foo@xxx.xxx.xxx isn't a valid email address > and I'm unsure why this was being relayed in the first place > (although I have a hazy idea that 'foo@xxx.xxx.xxx]' is valid). foo@[xxx.xxx.xxx.xxx], I think. > I couldn't simply firewall off the injecting machine as > the messages were coming from multiple machines - more and > more as the addresses I killed off were dropped. > > As an example the transactions went something like this: > > HELO blah > MAIL FROM: foo@xxx.xxx.xxx <- mail servers IP > RCPT TO: foo@xxx.xxx.xxx > DATA > To: foo@xxx.xxx.xxx > From: bar@xxx.xxx.xxx > Subject: get your hot spam > > ... > . That's not a good thing :-(. > The messages were queued and the bounces from hotmail > were coming back to the nonexistent user 'foo@xxx.xxx.xxx' That's really not a good thing :-((. If you telnet from your server to relay-test.mail-abuse.org, they will try to relay through your server (trying all sorts of interesting tactics). They won't blacklist you if you turn out positive. You can also check openrbl.org to see if you're listed on any of the blacklists as a spam source or an open relay (I suspect you might well be by now). OK, -- Andrew Aylett | www.aylett.co.uk | 1.79 x 10^12 furlongs per fortnight... andrew@xxx.xxx.xxx | answer==42 | -- it's not just a good idea, it's the law!
Attachment:
pgp00004.pgp
Description: PGP signature
|
This archive is kept by wibble@morpheux.org.DONTSPAMME | homepage |