Open Mail Relay

Mehmet Erol Sanliturk m.e.sanliturk at gmail.com
Sat Aug 14 19:03:42 UTC 2010 

On Sat, Aug 14, 2010 at 9:29 AM, <peter at vfemail.net> wrote:

>
> I have a machine running FreeBSD, sendmail and majordomo.  I have someone
> who is on one of those majordomo lists complaining that they are receiving
> spam from me.  The complainer says I have an open mail relay that I need to
> fix.
>
> I went to <http://www.abuse.net/relay.html>http://www.abuse.net/relay.htmlto test the machine using its IP address.  Abuse.net gives a clean bill of
> health, saying relaying was denied in 17 separate tests.
>
> I've reviewed my mail logs for the past couple of days and I can't find any
> entries for any mail addressed to the complainer's domain name except mail
> that should have been sent.
>
> Is Abuse.net's test adequate to rule out an open mail relay problem?
>
>
>
>

In previous weeks , I have received continuously messages about sending spam
messages from my IP . They started by sending messages about undelivered
mails which claimed to be originated from my computer . Later , they started
to send me suggestions about how to remove proxy server acquired in my
computer which is sending bulk spam messages . All of their text suggestions
were complete executable  codes .

All of the messages were using faked names of my ISP officials .

They tried very hard to infect my computer . At the end I have send a
complaint message to my ISP authorities . After that , even I have received
many such messages .

In those days they are not sending such messages , or they are prevented by
my ISP systems , I do not know .

Based on such an experience , please be careful about such claims , and do
not try to decompose their message attachments because their names of
message attachments are also not related to content they contain . Use
programs to dissect such messages without making any harm to your systems ,
for example convert their extensions to .txt and try to read them by a text
editor . If they are really texts , they should be readable  .

Even , content of some messages were completely executable binary .

I think some criminals started to perform such a ploy to infect computers by
persuading users to try to "clean" their computers by applying their advices
based on generated fear on attacked persons .


Thank you very much .


Mehmet Erol Sanliturk

More information about the freebsd-questions mailing list