Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: Send email, get your server probed as a possible spam source?

From: Declan McCullagh <declan () well com>
Date: Mon, 24 Feb 2003 11:07:15 -0500
[Is it any wonder why so few people read postmaster@domainname email anymore? --Declan] 

---

Date: Sat, 22 Feb 2003 18:26:29 -0800 (PST)
To: Declan McCullagh <declan () well com>
Subject: relay testing to the extreme
From: Chris Caputo <ccaputo () alt net>


You gotta love the last paragraph of the relay probe below.

In less than a minute tofu.alt.net (my main mail server) received 29 probe
messages of various types, like the one below, from bnr.ca, because
apparently bnr.ca received, oh my gosh, an email from my server.  As
postmaster, when the probe messages don't work, as they should not if you
don't allow open relaying, the messages end up in my mailbox.

Is this (every server checking every server for open relay ability) the
future of spam avoidance?

The funny thing is that it looks like this was in response to my server
bouncing messages back to bnr.ca due to spam that bnr.ca sent to invalid
addresses at my domain!

Chris

---------- Forwarded message ----------
Date: 23 Feb 2003 00:53:32 -0000
From: MAILER-DAEMON () tofu alt net
To: nobody () alt net
Subject: failure notice

Hi. This is the qmail-send program at tofu.alt.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<relaytester%bnr.ca () tofu alt net>:
Sorry, no mailbox here by that name. (#5.1.1)

--- Below this line is a copy of the message.

Return-Path: <nobody () alt net>
Received: (qmail 9824 invoked from network); 23 Feb 2003 00:53:17 -0000
Received: from qcare034.nortelnetworks.com (HELO nortelnetworks.com) (47.248.124.34) 
  by tofu.alt.net with SMTP; 23 Feb 2003 00:53:17 -0000
Message-ID: <pdn2M_w9ri6EloSn2PyjXlRJ#nT#BwxI () nortelnetworks com>
Date: Sun, 23 Feb 2003 00:52:57 +0000
To: <relaytester () bnr ca>
Subject: Open Relay Test Message

DSBL LISTME: smtp 207.14.113.2
pdn2M_w9ri6EloSn2PyjXlRJ#nT#BwxI
MAIL FROM:<nobody () alt net>
RCPT TO:<"relaytester%bnr.ca">
DSBL END

This message is a test of your mail server to determine if
it will perform relaying (re-sending) of e-mail messages
for unauthorized outside parties.  This capability, if
enabled in your mail server, is widely considered to be
serious flaw in mail server security.

Your mail server is being tested for relaying capability
because we have received mail from it and wish to determine
its likelihood to be abused by spammers.




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: