Date: Thu, 14 Feb 2002 12:06:16 -0500 From: "William J. Petch" <twofour@etherworx.com> To: <freebsd-security@FreeBSD.ORG> Subject: Re: sendmail ; bogus letters Message-ID: <002001c1b579$eab38b70$4e00000a@twofour> References: <Pine.BSF.4.44.0202140740060.52689-100000@R181172.resnet.ucsb.edu> <02021413401002.02159@hercules.avint.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_001C_01C1B550.0119E550 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I have been having a spam problem as well. I use ordb.org to block spam, and have noticed a significant decrease in the amount of spam that comes to my server. The problem I am having is I am only getting bounced spam. (And quite a lot of it too.) The original messages are not being relayed, or even touching my server. I have a couple of excerpts of some email headers here... Our mail server's name is mail.etherworx.com, and our server's class C is 216.58.72.xx. ***** Received: from mail.etherworx.com (210.42.64.33 [210.42.64.33]) by mailsrv.hbeeh.edu.cn with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.1960.3) ***** Received: from mail.etherworx.com (61.129.53.123 [61.129.53.123]) by mail.ecepdi.stn.sh.cn with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.1960.3) ***** These messages are being sent as Mark.Cella@etherlinx.ca (A domain that is hosted on my server.) Clearly, these emails are not being routed through my servers. However, whenever these spam mails bounce, they are coming back to mail.etherworx.com. I have no idea whatsoever as to how I can stop these... Anybody??? William J. Petch System Administrator EtherworX, Inc. ----- Original Message ----- From: "Graham Rose" <graham@avint.net> To: <freebsd-security@FreeBSD.ORG> Sent: Thursday, February 14, 2002 12:05 PM Subject: Re: sendmail ; bogus letters > Add entries for the Open Relay Database (www.ordb.org & > www.ordb.org/faq/#sendmail) and spamcop.net (www.spamcop.net) > Configuring your mail server to use these lists of known spammers will block > most spam. I've noticed a 10 fold decrease on my mail server, with thousands of > spam blocked each day. > Note: Setup instructions vary depending on the version of sendmail you run. See > above urls for details. > > -- > Graham Rose > Network Administrator > Avalon InterConnect & Infotech Canada > graham@infotechcanada.com > graham@avint.net > http://www.avint.net > http://www.infotechcanada.com > > > > On Thu, 14 Feb 2002, Dave wrote: > > Some of my accounts are getting some spam (what else is new on the > > internet?). However, the "from" addresses of these letters are not even > > valid (as is with a lot of spam). In a couple of cases they are, but I > > question the letter actually came from the sender listed. > > > > Is there something I can do in the sendmail.cf file or other configuration > > change to drop these kinds of letters? Other solutions? > > > > I've thought of denying messages from free mail sites, but I imagine some > > spam is from elsewhere. I would think it is possible to ditch bulkmail, I > > know that yahoo.com has a bulkmail folder -- and I heard yahoo runs > > FreeBSD too :) How are the letters discriminated from eachother as a bulk > > versus a possible real one? > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > ------=_NextPart_000_001C_01C1B550.0119E550 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII9TCCAoQw ggHtoAMCAQICAwaH1jANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAyMDExNzAzMzc1OVoXDTAzMDExNzAzMzc1OVowRzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEkMCIGCSqGSIb3DQEJARYVdHdvZm91ckBldGhlcndvcnguY29tMIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyX8wS7FtsBGzAkEXuRDNP3I69EWcKVq5kM7DcIcjG eZxBl1QTX6ETo4BJNlbiruBJ3hPK476etfhPSo33j4ne05TZU7rNpi0xDcpI1Df89kE7FSXfsPiP GfesOwMPcpuCvdPIskzdLvetEZMjy7ObJ7PIQVRn+qalgLSWJlPRawIDAQABozIwMDAgBgNVHREE GTAXgRV0d29mb3VyQGV0aGVyd29yeC5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQIFAAOB gQA17tD7bZfdpA5dGgmVfOdc5DNl6qD7h/iA/IlNUjv9ctABy1uJoP6s5wwuNO/FugZT8IwYeuIX I7T2qMnMP+0yZYUQ49NPFhPpTBpdtUAZhctdMJf9frL3zK2cUpuKXSSqVcHSc3oEQm1EDICc1JAu I1UoAIQJZNTHquB8MwR4QzCCAy0wggKWoAMCAQICAQAwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJ ARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEy MzU5NTlaMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wgZ8wDQYJKoZI hvcNAQEBBQADgY0AMIGJAoGBANRp19SwlGRbcelH2AxRtupykbCEXn0tDY97Et+FJXUodDpCLGMn n5V7S+9+GYcdhuqj3bnOlmQawhRuRKx85o/oTQ9xH0A4pgCjh3j2+ZSGXq3qwF5269kUo11uenwM pUtVfwYZKX+emibVars4JAhqmMex2qOYkf152+VaxBy5AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB Af8wDQYJKoZIhvcNAQEEBQADgYEAx+ySfk749ZalZ2IqpPBNEWDQb41gWGGsJrtSNVwIzzD7qEqW ih9iQiOMFw/0umScF6xHKd+dmF7SbGBxXKKs3Hnj524ARx+1DSjoAp3kmv0T9KbZfLH43F8jJgmR gHPQFBveQ6mDJfLmnC8Vyv6mq4oHdYsM3VGEa+T40c53ooEwggM4MIICoaADAgECAhBmRXK3zHT1 z2N2RYTQLpEBMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVy biBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgw JgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUg UGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRo YXd0ZS5jb20wHhcNMDAwODMwMDAwMDAwWhcNMDQwODI3MjM1OTU5WjCBkjELMAkGA1UEBhMCWkEx FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3 dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVl bWFpbCBSU0EgMjAwMC44LjMwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMzKmY8cJJUU+ 0m54J2eBxdqIGYKXDuNEKYpjNSptcDz63K737nRvMLwzkH/5NHGgo22Y8cNPomXbDfpL8dbdYaX5 hc1VmjUanZJ1qCeu2HL5ugL217CR3hzpq+AYA6h8Q0JQUYeDPPA5tJtUihOH/7ObnUlmAC0JieyU a+mhaQIDAQABo04wTDApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0yOTcw EgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMbFLR135 AXHl9VNsXXnWPZjAJhNigSKnEvgilegbSbcnewQ5uvzm8iTrkfq97A0qOPdQVahs9w2tTBu8A/S1 66JHn2yiDFiNMUIJEWywGmnRKxKyQF1q+XnQ6i4l3Yrk/NsNH50C81rbyjz2ROomaYd/SJ7OpZ/n hNjJYmKtBcYxggH+MIIB+gIBATCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMw AgMGh9YwCQYFKw4DAhoFAKCBujAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJ BTEPFw0wMjAyMTQxNzA2MTZaMCMGCSqGSIb3DQEJBDEWBBShDSBZ7qiR/I/AuMGMiD8RMjxExDBb BgkqhkiG9w0BCQ8xTjBMMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIB QDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDAHBgUrDgMCHTANBgkqhkiG9w0BAQEFAASBgJHbmzGo vJbXANFcdmXd3o8XHQQY/Lz3a8Zhwlcs4sSab0ge652zGMsQ5uVDiEy20yVWExiSMjQCRaPLNfZu xBRtrlkbA8jfyxV2ECXItQDn9vNfGD59+BD5qXYKfYXFB7sURdcCsFq5Bphh3+Jd8buUMzVtq8Ga I+RR1aK9BeJrAAAAAAAA ------=_NextPart_000_001C_01C1B550.0119E550-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002001c1b579$eab38b70$4e00000a>