Open Mail Relay

Mehmet Erol Sanliturk m.e.sanliturk at
Sat Aug 14 19:03:42 UTC 2010

On Sat, Aug 14, 2010 at 9:29 AM, <peter at> wrote:

> I have a machine running FreeBSD, sendmail and majordomo.  I have someone
> who is on one of those majordomo lists complaining that they are receiving
> spam from me.  The complainer says I have an open mail relay that I need to
> fix.
> I went to <> test the machine using its IP address. gives a clean bill of
> health, saying relaying was denied in 17 separate tests.
> I've reviewed my mail logs for the past couple of days and I can't find any
> entries for any mail addressed to the complainer's domain name except mail
> that should have been sent.
> Is's test adequate to rule out an open mail relay problem?

In previous weeks , I have received continuously messages about sending spam
messages from my IP . They started by sending messages about undelivered
mails which claimed to be originated from my computer . Later , they started
to send me suggestions about how to remove proxy server acquired in my
computer which is sending bulk spam messages . All of their text suggestions
were complete executable  codes .

All of the messages were using faked names of my ISP officials .

They tried very hard to infect my computer . At the end I have send a
complaint message to my ISP authorities . After that , even I have received
many such messages .

In those days they are not sending such messages , or they are prevented by
my ISP systems , I do not know .

Based on such an experience , please be careful about such claims , and do
not try to decompose their message attachments because their names of
message attachments are also not related to content they contain . Use
programs to dissect such messages without making any harm to your systems ,
for example convert their extensions to .txt and try to read them by a text
editor . If they are really texts , they should be readable  .

Even , content of some messages were completely executable binary .

I think some criminals started to perform such a ploy to infect computers by
persuading users to try to "clean" their computers by applying their advices
based on generated fear on attacked persons .

Thank you very much .

Mehmet Erol Sanliturk

More information about the freebsd-questions mailing list