From: Michael Tokarev (mjttls.msk.ru)
Date: Thu May 02 2002 - 16:18:22 CDT


    Wietse Venema wrote:
    []
    > > > warning: unknown[211.114.178.34] sent message header instead of SMTP
    > > > command: Received: from unknown (62.66.100.31)
    []
    > Older Postfix versions would send mail to postmaster if you had
    > turned on protocol trouble reporting, and I was getting annoyed by
    > several of these in a day. Protocol error reporting is for solving
    > compatibility problems, not for telling you that there are idiots
    > on the network.

    In 99,9% of cases, that's not idiots. That's spammers, who use various
    proxies and the like to send their crap. Doing a complete protocol
    implementation that works via a proxy to send spam out - oh, that's a
    "funny" job. Most spamware works far more simply: by sending all
    the SMTP commands and the message contents in one TCP packet, without
    any error checking. Quick and dirty, but it works for a sufficient number
    of cases - sufficient to be efficient. I was surprised how many
    HTTP servers are configured to allow constructs like:

     PUT some.mta.tld:25 HTTP/1.0
     Content-Length: 123

     HELO spammerhost
     MAIL FROM:<spammer>
     RCPT TO:<you>
     DATA
     Subject: make money fast
     ...
     .

    With that, Postfix will see some HTTP headers first (which will be
    ignored with "command not implemented" errors), and then a valid SMTP
    "dialogue" (one-sided only). And in some conditions, an email
    "sent" this way may be delivered - especially if the HTTP server
    is broken enough too. (The "funniest" thing here - and the
    point of my surprise - is that many HTTP "servers" allow anyone --
    everyone -- to use any some.mta.tld hostname/IP address in
    the above "HTTP request").

    Regards,
     Michael.
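
A defender-side sketch of spotting the one-sided dialogue described in the message above, added here as an example; it is not code from the original post or from Postfix. The function names are hypothetical, and the session lines, log lines and addresses are constructed samples.

```python
import re
from collections import Counter

# SMTP verbs (RFC 5321 plus common extensions); anything else is not a command.
SMTP_VERBS = {"HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP",
              "QUIT", "VRFY", "EXPN", "HELP", "AUTH", "STARTTLS"}
HTTP_REQUEST = re.compile(
    r"^(GET|POST|PUT|HEAD|CONNECT|OPTIONS|DELETE)\s+\S+\s+HTTP/\d\.\d$")
HEADER_LINE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*:(\s|$)")
# Warning text as quoted in the thread; any syslog prefix before it is ignored.
WARNING = re.compile(r"warning: \S*\[([0-9A-Fa-f.:]+)\] sent message header "
                     r"instead of SMTP command: (.*)$")

def classify(line):
    """Label one line received where an SMTP command was expected."""
    line = line.strip()
    if not line:
        return "blank"
    if HTTP_REQUEST.match(line):
        return "http-request"
    if HEADER_LINE.match(line):
        return "header"
    if line.split()[0].upper() in SMTP_VERBS:
        return "smtp"
    return "unknown"

def http_relayed(client_lines):
    """True when an HTTP request line arrives before the first SMTP command."""
    for line in client_lines:
        kind = classify(line)
        if kind in ("http-request", "smtp"):
            return kind == "http-request"
    return False

def header_senders(log_lines):
    """Count header-instead-of-command warnings per client address."""
    return Counter(m.group(1) for m in map(WARNING.search, log_lines) if m)

# Constructed samples (documentation addresses, not real traffic).
SESSION = ["PUT mx.example.net:25 HTTP/1.0", "Content-Length: 123", "",
           "HELO client.example", "MAIL FROM:<a@example.com>",
           "RCPT TO:<b@example.net>", "DATA"]
LOG = [
    "postfix/smtpd[811]: warning: unknown[192.0.2.10] sent message header instead of SMTP command: Content-Length: 123",
    "postfix/smtpd[811]: connect from unknown[198.51.100.7]",
    "postfix/smtpd[902]: warning: unknown[192.0.2.10] sent message header instead of SMTP command: Received: from unknown (203.0.113.5)",
]

if __name__ == "__main__":
    print([classify(l) for l in SESSION], http_relayed(SESSION), dict(header_senders(LOG)))
```

A client whose address keeps appearing in `header_senders` output, or whose first line classifies as `http-request`, is a candidate for rejection at connect time rather than for postmaster notification.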