From owner-freebsd-questions@FreeBSD.ORG Sat Jan 7 17:35:12 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 17D8816A41F for ; Sat, 7 Jan 2006 17:35:12 +0000 (GMT) (envelope-from danial_thom@yahoo.com) Received: from web33302.mail.mud.yahoo.com (web33302.mail.mud.yahoo.com [68.142.206.117]) by mx1.FreeBSD.org (Postfix) with SMTP id 7B69743D46 for ; Sat, 7 Jan 2006 17:35:11 +0000 (GMT) (envelope-from danial_thom@yahoo.com) Received: (qmail 51700 invoked by uid 60001); 7 Jan 2006 17:35:11 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=DrlC4Yi/1bJzQsY3wwgzA28tXQZHj/6ovTLGTW/mnQ31wpM6i6Aj5UTo8alj7yqjQYv1naxYOk6xCVO4ZpoWRwGOrhHD6oP2nuKg67DPiyHVtCSSILOuyh45i3wnyUNL6TzCSlu6egW9UO7g/EkDhXBsSASQ86Ta+1WUtfhkQs0= ; Message-ID: <20060107173511.51696.qmail@web33302.mail.mud.yahoo.com> Received: from [24.46.186.215] by web33302.mail.mud.yahoo.com via HTTP; Sat, 07 Jan 2006 09:35:11 PST Date: Sat, 7 Jan 2006 09:35:11 -0800 (PST) From: Danial Thom To: Robert Slade , David Banning In-Reply-To: <1136618623.15229.17.camel@lmail.bathnetworks.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: questions@freebsd.org Subject: Re: Spamcop listed - need help to diagnose why X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: danial_thom@yahoo.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jan 2006 17:35:12 -0000 --- Robert Slade wrote: > On Sat, 2006-01-07 at 05:45, David Banning > wrote: > > My server just was listed with Spamcop. > Before I exercise my -one time- > > option to de-list it I need to verify that > indeed my server is not sending > > spam. I have 3 win boxes routing through my > FreeBSD box. > > > > Also there are a few windows computers in the > outside world that send > > mail through my server via port 26 using > their login and password. > > > > I know it is possible for viruses to install > a stand-alone smtp server > > on win boxes. That is one suspicion I have. > > > > My question; > > What tool would I use to see if unauthorized > mail is being sent via > > my server? Note that I am running tmda, so > that I have around 80 emails per > > minute being sent out; to request > verification on my standard incoming > > mail, (therefore it is too complicated to > just watch -all- mail being > > sent out, and try and decode legitimate from > illegitimate). > > There is your problem TMDA is most likely the > cause. Such programmes are > in effect adding to the spam problem. Nearly > all spam has a forged from > address and all programmes such as TMDA do is > send a challenge to an > innocent 3rd party. Whist it looks like it > reduces your spam all you do > is in effect spam someone else. When your > e-mail address has been used > in a spam run by a spammer and you start > getting 10s of these challenge > an hour it is quite easy to report 1 my > accident. If you look at the > Spamcop reporting page you will see a warning > about just this situation. > > I suppose that the real answer is to stop > compounding the spam problem > and use a combination of spamassassin and block > lists. > > BTW I make it a point never to respond to > challenges. > > Rob Consider being "listed" a privilege; half the universities in the world are listed as spammers. Anyone who uses those stupid, anal-retentive services deserves to miss getting important mail. DT __________________________________________ Yahoo! DSL – Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com