Date: Sat, 14 Aug 2010 14:37:33 -0400
From: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com>
To: peter@vfemail.net
Cc: freebsd-questions@freebsd.org
Subject: Re: Open Mail Relay
Message-ID: <AANLkTim2Y1wQ7tx50CbdK0CFeurLoN6K87LGxBtvVsrv@mail.gmail.com>
In-Reply-To: <20100814172307.035661065697@hub.freebsd.org>
References: <20100814172307.035661065697@hub.freebsd.org>

On Sat, Aug 14, 2010 at 9:29 AM, <peter@vfemail.net> wrote:

>
> I have a machine running FreeBSD, sendmail and majordomo. I have someone
> who is on one of those majordomo lists complaining that they are receiving
> spam from me. The complainer says I have an open mail relay that I need to
> fix.
>
> I went to <http://www.abuse.net/relay.html> to test the machine using its
> IP address. Abuse.net gives a clean bill of health, saying relaying was
> denied in 17 separate tests.
>
> I've reviewed my mail logs for the past couple of days and I can't find any
> entries for any mail addressed to the complainer's domain name except mail
> that should have been sent.
>
> Is Abuse.net's test adequate to rule out an open mail relay problem?
>

In previous weeks, I have continuously received messages about spam messages being sent from my IP. They started by sending messages about undelivered mails which were claimed to have originated from my computer. Later, they started to send me suggestions about how to remove a proxy server acquired in my computer which is sending bulk spam messages. All of their text suggestions were complete executable codes. All of the messages were using faked names of my ISP officials. They tried very hard to infect my computer.

At the end I have sent a complaint message to my ISP authorities. After that, even I have received many such messages. In those days they are not sending such messages, or they are prevented by my ISP systems, I do not know.

Based on such an experience, please be careful about such claims, and do not try to decompose their message attachments, because the names of their message attachments are also not related to the content they contain. Use programs to dissect such messages without doing any harm to your systems, for example convert their extensions to .txt and try to read them with a text editor. If they are really texts, they should be readable.

Even the content of some messages was completely executable binary. I think some criminals started to perform such a ploy to infect computers by persuading users to try to "clean" their computers by applying their advice, based on the fear generated in the attacked persons.

Thank you very much.

Mehmet Erol Sanliturk
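
The check described in the message above (look at what an attachment actually contains instead of trusting its name) can be done without opening or running anything. This is an added example, not part of the original message: it goes one step further than a text editor by comparing each attachment's declared name and type with its leading bytes. The function names, addresses and sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of common executable/container formats.
MAGIC = {b"MZ": "Windows PE executable", b"\x7fELF": "ELF executable",
         b"PK\x03\x04": "ZIP archive (may wrap an executable)"}

def sniff(data: bytes) -> str:
    """Classify a payload by content, ignoring its declared name and type."""
    for magic, label in MAGIC.items():
        if data.startswith(magic):
            return label
    sample = data[:512]
    printable = sum(b in (9, 10, 13) or 32 <= b < 127 for b in sample)
    if sample and printable / len(sample) > 0.95:
        return "text"
    return "unknown binary"

def triage(raw: bytes) -> list:
    """Return (filename, declared type, sniffed type, suspicious) per attachment.
    The message is only parsed in memory; nothing is saved or executed."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or ""
        declared = part.get_content_type()
        kind = sniff(data)
        claims_text = declared.startswith("text/") or name.lower().endswith(".txt")
        # Suspicious: presented as text, but the bytes say otherwise.
        report.append((name, declared, kind, kind != "text" and claims_text))
    return report

def constructed_sample() -> bytes:
    """Constructed message: one fake 'text' attachment and one genuine one."""
    msg = EmailMessage()
    msg["From"] = "support@isp.example"          # hypothetical sender
    msg["To"] = "user@example.org"
    msg["Subject"] = "How to remove the proxy from your computer"
    msg.set_content("See the attached instructions.")
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="text",
                       subtype="plain", filename="instructions.txt")
    msg.add_attachment("Step 1: check the mail log\n", filename="readme.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    for row in triage(constructed_sample()):
        print(row)
```
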