Date: Mon, 1 Dec 1997 09:47:20 -0500 (EST) From: Jamie Bowden <jamie@itribe.net> To: Greg Lehey <grog@lemis.com> Cc: mika ruohotie <bsdchat@shadows.aeon.net>, chat@FreeBSD.ORG Subject: Re: annoying spammers... Message-ID: <199712011443.JAA07461@gatekeeper.itribe.net> In-Reply-To: <19971129155438.60843@lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
We have the domain html.com. We have had it for over 3 years now, but recently millions of spam messages have gone out on the net with a from line of 1234567@html.com (the address is always some random number). All the bounce messages come our server, despite the fact that we didn't send them. I had to remove the server's ability to recieve mail at html.com about 2 weeks ago, as it was getting several hundred return mails a minute. It now routes all mail to <number>@html.com to /dev/null. Not that it stops my mailbox from filling up with requests from people who don't know how to read a fscking header who send mail to us whining about being removed from our lists. *sigh* On Sat, 29 Nov 1997, Greg Lehey wrote: > On Sat, Nov 29, 1997 at 12:22:17AM +0200, mika ruohotie wrote: > > uh, i think this would go best here on chat, it's an isp issue too, > > but not really, i dunno. > > > > anyway, just a question if anyone else have noticed that their > > domain has been used in spamming. i mean, not as a relay, but as > > a NAME. > > Yes, it happened to me last night. Something in uunet was using my > mail servers (freebie.lemis.com and allegro.lemis.com) to send out > spam. I stopped the mail server on allegro (which is really just > running a high-pri MX), and left these headers in the spool: > > V2 > T880710622 > K880717164 > N5 > P1114943 > I0/4/731 > MDeferred: 451 <WebSecrets@WebSecrets.Net>... Domain must resolve > $rSMTP > $sALLEGRO.LEMIS.COM > $_1Cust80.tnt18.atl2.da.uu.net [153.36.118.80] > S<WebSecrets@WebSecrets.Net> > RPFD:<carolyn5@ix.netcom.com> > H?P?Return-Path: <WebSecrets@WebSecrets.Net> > HReceived: from ALLEGRO.LEMIS.COM (1Cust80.tnt18.atl2.da.uu.net [153.36.118.80]) > by allegro.lemis.com (8.8.7/8.8.5) with SMTP id UAA15710; > Fri, 28 Nov 1997 20:20:22 +1030 (CST) > H?D?Date: Fri, 28 Nov 1997 20:20:22 +1030 (CST) > H?F?From: WebSecrets@WebSecrets.Net > H?M?Message-Id: <199711280950.UAA15710@allegro.lemis.com> > HSubject: Search Engine Secrets > . > > I installed hub's version of sendmail.cf, added WebSecrets.Net and > SecretsOfTheNet.Com (another one) to the black list. They tried > again, were rejected, and apparently gave up. I've sent complaints to > uunet--let's see how far they get. > > > mickey "yes, i'm fucking frustrated" > > Yup, I was pretty angry, too. > > Greg > Jamie Bowden Systems Administrator, iTRiBE.net If we've got to fight over grep, sign me up. But boggle can go. -Ted Faber (on Hasbro's request for removal of /usr/games/boggle)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712011443.JAA07461>