[extropy-chat] Clamping down email server
Eugen Leitl
eugen at leitl.org
Sun Oct 15 15:11:40 UTC 2006
On Sat, Oct 14, 2006 at 07:19:11PM -0400, David Lubkin wrote:
> I've been sending and receiving my email through my hosted FreeBSD
> server for years, fairly smoothly. Of late I've been getting
> thousands of messages a day purportedly from other mail servers,
> rejecting email attributed to my domain, viz., that uses a random
> address like jkkqrlaz at unreasonable.com.
Most spam uses forged From: addresses.
> Meanwhile, there are signs that some email I've originated is not
> getting to its destination, suggesting that it's being blocked along the way.
Not at all unsual.
> I've checked a couple of blacklist sites, and not found my domain or
> its IP address listed, and confirmed that sendmail is using POP Auth.
I've tried http://www.robtex.com/rbls/207.159.131.159.html
and several others on http://www.google.com/search?hl=en&q=RBL+check&btnG=Google+Search
which come up green.
> Could someone point me to a straight-forward procedure for clamping
> down my email server, seeing if it's on any blacklists, and restoring
You can always use http://www.abuse.net/relay.html or similiar online
relaying sites to test whether you're having a misconfiguration.
You do seem to have a lot of open ports, though:
helium:~# nmap 207.159.131.159
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-10-15 17:09 CEST
Interesting ports on unreasonable.com (207.159.131.159):
(The 1639 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
30/tcp open unknown
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
135/tcp filtered msrpc
139/tcp open netbios-ssn
143/tcp open imap
443/tcp open https
587/tcp open submission
648/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1022/tcp open unknown
1023/tcp open netvenuechat
3306/tcp open mysql
6666/tcp filtered irc-serv
6667/tcp filtered irc
6668/tcp filtered irc
13782/tcp open VeritasNetbackup
> its good name?
As far as I can tell you're not in any RBL, so there's no way
to restore what is not tarnished to start with. You typically
can't get an RBL to unblock you or any target site to use
non-braindead mail filtering anyway, so you could as well send a fax,
or pick up the phone, if you want to make sure your missive
came through. Yes, it is really that bad.
> I plan to switch soon to a new web host, where I figured I'd rely on
> postfix, but I need email fully functional right away.
Picking postfix is a good choice.
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20061015/ee0f0948/attachment.bin>
More information about the extropy-chat
mailing list