Did you restart SMTP service on your server after making the changes?
----- Original Message -----
From: "Marc Weigert" <mail@marceting.de>
To: <IMail_Forum@list.ipswitch.com>
Sent: Thursday, March 22, 2001 10:46 AM
Subject: [IMail Forum] Cant's stop spammers with our RELAY settings !

> Hi,
>
> it appears as this message (attached below) didn't get sent correctly last
> nite, as I could not find it within the list... so please forgive me, if you
> got it twice ;)
>
> Any help would be more than welcome !! Thank you in advance.
>
> Cheers,
>
> Marc
>
> ----------
>
> Hello List !!!
>
> We discovered some abuse of our IMail server today, with spammers using the
> SMTP service for... well, what they use to do ;)
>
> So we checked both, the manual and IPSwitch knowledgebase - and did do what
> is recommended concerning the Relay settings.
>
> We changed the "Relay Mail Options" from "Relay Mail for anyone" to "Relay
> Mail for [Adress]" and entered the IP values (we tried several different
> settings there for testing).
>
> Also, we ticked this "user authentization" checkbox within our Email clients
> to use IMail Server SMTP AUTH, as we dial in via different hosts all the
> time. This works fine...
>
> Well, finally we ran a vulnerability scan with Mail-Abuse.org via Telnet :
> # C:\WINNT\system32\mail-abuse.org
>
> As you might already have seen, I copied the protocol in the lower part of
> this Email. Within that copy of the protocol I just changed our REAL LIVE
> server values to the following "Aliases" for publishing to this list (please
> don't take it personal ;) !
>
> # 111.11.11.111
> # Obelix.TheServer.com
> # TheServerStuff.com
>
> We passed 17 tests, until this spam vulnerability checker managed to "get
> in" :
> # "System appeared to accept 1 relay attempts"
>
> I already searched the Usenet for possible answers, but unfortunately I got
> no suitable answer - maybe because Google limits the research to messages
> not older than of August 2000 right now ?!
>
> It would be very appreciated if you could tell us, what we should/could do
> next, to make our Email Server bulletproof !!
>
> Thanx in advance to all of you !!!
>
> Cheers,
>
> Marc
>
>
> THE PROTOCOL (with DUMMY values)
>
> Connecting to 111.11.11.111 ...
> <<< 220 X1 NT-ESMTP Server Obelix.TheServer
> <<< 220 X1 NT-ESMTP Server Obelix.TheServer.com (IMail 6.04 1-1)
> >>> HELO dante.mail-abuse.org
> <<< 250 hello Obelix.TheServer.com
> :Relay test: #Quote test
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <"nobody@mail-abuse.org">
> <<< 550 not local host mail-abuse.org", not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 1
> >>> mail from: <nobody@mail-abuse.org>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 2
> >>> mail from: <spamtest@maps1.pa.vix.com>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #test 3
> >>> mail from: <spamtest@localhost>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 4
> >>> mail from: <spamtest>
> <<< 501 unacceptable mail address
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 5
> >>> mail from: <>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 6
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 7
> >>> mail from: <spamtest@[111.11.11.111]>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 8
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <nobody%mail-abuse.org@TheServerStuff.com>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 9
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <nobody%mail-abuse.org@[111.11.11.111]>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 10
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <"nobody@mail-abuse.org">
> <<< 550 not local host mail-abuse.org", not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 11
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <"nobody%mail-abuse.org">
> <<< 550 not local host mail-abuse.org", not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 12
> >>> mail from: <spamtest@[111.11.11.111]>
> <<< 250 ok
> >>> rcpt to: <"nobody@mail-abuse.org@TheServerStuff.com">
> <<< 550 not local host TheServerStuff.com", not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 13
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <"nobody@mail-abuse.org"@[111.11.11.111]>
> <<< 550 not local host mail-abuse.org", not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 14
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <nobody@mail-abuse.org@[111.11.11.111]>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 15
> >>> mail from: <spamtest@[111.11.11.111]>
> <<< 250 ok
> >>> rcpt to: <@TheServerStuff.com:nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 16
> >>> mail from: <spamtest@TheServerStuff.com>
> <<< 250 ok
> >>> rcpt to: <@[111.11.11.111]:nobody@mail-abuse.org>
> <<< 550 not local host mail-abuse.org, not a gateway
> >>> rset
> <<< 250 ok its reset
> :Relay test: #Test 17
> >>> mail from: <spamtest@[111.11.11.111]>
> <<< 250 ok
> >>> rcpt to: <mail-abuse.org!nobody>
> <<< 250 ok deliver to alternate
> >>> QUIT
> <<< 221 Goodbye
> Tested host banner: 220 X1 NT-ESMTP Server Obelix.TheServer.com (IMail 6.
> 04 1-1)
> System appeared to accept 1 relay attempts
>
>
> Connection to host lost.
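
An added example, not part of either message above: a small Python parser for a relay-test transcript in the format quoted above, reporting every `rcpt to:` the server answered with a 2xx code together with the address form that was used. It assumes every recipient in the transcript is a non-local test address, as in this run; the function names and the form labels are illustrative.

```python
import re

# Excerpt of the transcript quoted above (Test 8 and Test 17, alias values
# as published in the post), without the "> " quote prefix.
SAMPLE = """\
:Relay test: #Test 8
>>> mail from: <spamtest@TheServerStuff.com>
<<< 250 ok
>>> rcpt to: <nobody%mail-abuse.org@TheServerStuff.com>
<<< 550 not local host mail-abuse.org, not a gateway
>>> rset
<<< 250 ok its reset
:Relay test: #Test 17
>>> mail from: <spamtest@[111.11.11.111]>
<<< 250 ok
>>> rcpt to: <mail-abuse.org!nobody>
<<< 250 ok deliver to alternate
"""

def address_form(rcpt):
    """Name the addressing convention used in a RCPT TO path."""
    addr = rcpt.strip("<>")
    if addr.startswith("@") and ":" in addr:
        return "source route"      # <@relay:user@host>
    if "!" in addr:
        return "bang path"         # <host!user>
    if "%" in addr:
        return "percent hack"      # <user%host@relay>
    return "plain"

def accepted_relays(transcript):
    """Return (test, recipient, form, reply) for each RCPT TO answered 2xx."""
    hits, test, rcpt = [], None, None
    for line in transcript.splitlines():
        line = line.strip()
        if line.startswith(":Relay test:"):
            test, rcpt = line.split("#", 1)[1].strip(), None
        elif line.startswith(">>>"):
            # Only a RCPT TO command arms the check; MAIL FROM/RSET clear it.
            m = re.match(r">>>\s*rcpt to:\s*(\S+)", line, re.I)
            rcpt = m.group(1) if m else None
        elif line.startswith("<<<") and rcpt:
            reply = line[3:].strip()
            if reply.startswith("2"):  # 2xx: recipient accepted for relay
                hits.append((test, rcpt, address_form(rcpt), reply))
            rcpt = None
    return hits

if __name__ == "__main__":
    print(accepted_relays(SAMPLE))
```
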