[extropy-chat] Clamping down email server

Robert Bradbury robert.bradbury at gmail.com
Sun Oct 15 03:03:24 UTC 2006


I've noticed something of the same nature on the email coming into the
aeiveos.com domain.  I think it is due to the fact that some mail
systems (qmail?) are willing to attempt to send back "undelivered"
messages.  The spammers then falsify the mail into your system so it
looks like a rejected send that has to be returned.  Of course if the
system/user that it is being delivered to rejects it then it bounces
back to you (and presumably your system may get blacklisted as a spam

I think this problem may have diminished for me when I switched to
Postfix (which was a quick deinstall of qmail and install of postfix
under Gentoo Linux).  As I suspect many (most?) large ISPs maintain
their own internal blacklists, getting one's name "cleared" may be
difficult to impossible (which is why some people find blacklisting

I never went into the mechanics of what was wrong with qmail.  I
thought it was set up to refuse to act as a relay but there may have
been a bug that allowed it to do so when the message was being
returned under the guise of having originated from your system.  I do
believe that there may have existed a number of 3rd party patches
which were not incorporated into the version I was running -- so it
might have been fixed but I didn't know what the fixes were.

I have read someplace (/., digg, ???) that SPAMers may now have test
suites to identify the holes in various mail agents so they can target
their SPAM to yours [1] and so if one doesn't have staff people to
stay on top of this full time it's relatively easy to get caught in the
crossfire.

I would expect that among the ExI List readers there are enough people
with systems that we could set up a "whitelisted" secure email relay
cloud which could benefit everyone involved.


1. Gives a whole new meaning to rotating your shield frequencies to
defeat the enemy phasers -- but ultimately they will adapt.

On 10/14/06, David Lubkin <extropy at unreasonable.com> wrote:
> I've been sending and receiving my email through my hosted FreeBSD
> server for years, fairly smoothly. Of late I've been getting
> thousands of messages a day purportedly from other mail servers,
> rejecting email attributed to my domain, viz., that uses a random
> address like jkkqrlaz at unreasonable.com.
> Meanwhile, there are signs that some email I've originated is not
> getting to its destination, suggesting that it's being blocked along the
> way.
> I've checked a couple of blacklist sites, and not found my domain or
> its IP address listed, and confirmed that sendmail is using POP Auth.
> Could someone point me to a straightforward procedure for clamping
> down my email server, seeing if it's on any blacklists, and restoring
> its good name?
> I plan to switch soon to a new web host, where I figured I'd rely on
> postfix, but I need email fully functional right away.
> -- David Lubkin.
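
The rejections described in this thread are bounces for mail the domain never sent, often to addresses that never existed there, which is what lets a receiving server separate them from real delivery failures. The following is an added example, not code from either poster: it classifies an incoming delivery status notification (DSN) as backscatter or a genuine bounce. The domain, mailbox set and sent Message-ID list are assumed stand-ins, and the sample DSN is constructed.

```python
import email
from email import policy

# Assumptions, not from the thread: the domain, its real mailboxes, and the
# Message-IDs the server really issued (in practice read from its send log).
LOCAL_DOMAIN = "example.org"
MAILBOXES = {"david", "postmaster"}
SENT_IDS = {"<20061014.1001@example.org>"}

def returned_message_id(msg):
    """Message-ID of the original message quoted inside a DSN, or None."""
    if msg.get_content_type() != "multipart/report":
        return None
    for part in msg.iter_parts():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # full original attached
            mid = part.get_payload(0)["Message-ID"]
        elif ctype == "text/rfc822-headers":   # only its headers attached
            hdrs = email.message_from_string(part.get_content(), policy=policy.default)
            mid = hdrs["Message-ID"]
        else:
            continue
        return str(mid).strip() if mid is not None else None
    return None

def classify(envelope_rcpt, raw):
    """Return 'backscatter' or 'genuine-bounce' for a DSN delivered to us."""
    local, _, domain = envelope_rcpt.rpartition("@")
    if domain.lower() != LOCAL_DOMAIN or local.lower() not in MAILBOXES:
        return "backscatter"   # bounce for an address that never existed here
    msg = email.message_from_string(raw, policy=policy.default)
    # A real mailbox can still be forged: require a Message-ID we issued.
    return "genuine-bounce" if returned_message_id(msg) in SENT_IDS else "backscatter"

def sample_dsn(rcpt, message_id):
    """Constructed DSN for the demo (not real traffic)."""
    return (
        f"From: MAILER-DAEMON@mx.remote.example\nTo: {rcpt}\n"
        "Subject: Undelivered Mail Returned to Sender\nMIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n\n'
        "--b1\nContent-Type: text/plain\n\nDelivery failed.\n\n"
        "--b1\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; mx.remote.example\n\n"
        "Final-Recipient: rfc822; nobody@remote.example\nAction: failed\nStatus: 5.1.1\n\n"
        "--b1\nContent-Type: message/rfc822\n\n"
        f"From: {rcpt}\nTo: nobody@remote.example\nMessage-ID: {message_id}\n"
        "Subject: hi\n\nbody\n--b1--\n"
    )
```

The first check corresponds to refusing unknown recipients at SMTP time; the Message-ID check needs the server to keep a record of what it actually sent.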
