Open Mail Relay
Mehmet Erol Sanliturk
m.e.sanliturk at gmail.com
Sat Aug 14 19:03:42 UTC 2010
On Sat, Aug 14, 2010 at 9:29 AM, <peter at vfemail.net> wrote:
> I have a machine running FreeBSD, sendmail and majordomo. I have someone
> who is on one of those majordomo lists complaining that they are receiving
> spam from me. The complainer says I have an open mail relay that I need to
> I went to <http://www.abuse.net/relay.html>http://www.abuse.net/relay.htmlto test the machine using its IP address. Abuse.net gives a clean bill of
> health, saying relaying was denied in 17 separate tests.
> I've reviewed my mail logs for the past couple of days and I can't find any
> entries for any mail addressed to the complainer's domain name except mail
> that should have been sent.
> Is Abuse.net's test adequate to rule out an open mail relay problem?
In previous weeks , I have received continuously messages about sending spam
messages from my IP . They started by sending messages about undelivered
mails which claimed to be originated from my computer . Later , they started
to send me suggestions about how to remove proxy server acquired in my
computer which is sending bulk spam messages . All of their text suggestions
were complete executable codes .
All of the messages were using faked names of my ISP officials .
They tried very hard to infect my computer . At the end I have send a
complaint message to my ISP authorities . After that , even I have received
many such messages .
In those days they are not sending such messages , or they are prevented by
my ISP systems , I do not know .
Based on such an experience , please be careful about such claims , and do
not try to decompose their message attachments because their names of
message attachments are also not related to content they contain . Use
programs to dissect such messages without making any harm to your systems ,
for example convert their extensions to .txt and try to read them by a text
editor . If they are really texts , they should be readable .
Even , content of some messages were completely executable binary .
I think some criminals started to perform such a ploy to infect computers by
persuading users to try to "clean" their computers by applying their advices
based on generated fear on attacked persons .
Thank you very much .
Mehmet Erol Sanliturk
More information about the freebsd-questions