From owner-freebsd-chat Fri Nov 28 14:20:11 1997 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.7/8.8.7) id OAA12684 for chat-outgoing; Fri, 28 Nov 1997 14:20:11 -0800 (PST) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from shadows.aeon.net (shadows.aeon.net [194.100.41.1]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA12575 for ; Fri, 28 Nov 1997 14:19:38 -0800 (PST) (envelope-from bsdchat@shadows.aeon.net) Received: (from bsdchat@localhost) by shadows.aeon.net (8.8.8/8.8.3) id AAA24192 for chat@freebsd.org; Sat, 29 Nov 1997 00:22:17 +0200 (EET) From: mika ruohotie Message-Id: <199711282222.AAA24192@shadows.aeon.net> Subject: annoying spammers... To: chat@FreeBSD.ORG Date: Sat, 29 Nov 1997 00:22:17 +0200 (EET) X-Mailer: ELM [version 2.4ME+ PL31 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org uh, i think this would go best here on chat, it's an isp issue too, but not really, i dunno. anyway, just a question if anyone else have noticed that their domain has been used in spamming. i mean, not as a relay, but as a NAME. uh, we've getting lots, lots and lots of rejected mail, complains and all that shit at my work, after someone has been spamming thru servers around the planet (several of them) with a randomish sender address from our domain. uh, that's most fucking, pardon me, annoying. i'm confident that no mail has gone thru either of our sendmails, no other machine there even has one. should i assume it's a hostile attack? or just someone using the domain kinda randomly? (back in summer before i worked there we were used as a relay, first thing i did was to install anti-relay rulesets, and it ended stone dead, until last weekend. ofcourse i freaked and thought something got passed, but i found no evidence whatsoever someone could get anything thru without non local ip, and routers block non local ips complitely) after i got one spam mail where another .fi domain (yes, i am from finland) was used as a NAME, not as a relay (boy do i know lots of open mail servers in finland, but it's another issue) and started to wonder that maybe it's a custom for spammers nowadays... anyone? has the situation gotten _THAT_ bad? generally, is there anything more i could do? kill anyone? yes, we already fax-flooded at least one of the firms used as a relay for not having a secure mailserver... mickey "yes, i'm fucking frustrated"