OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Terry H. Gilsenan (thg_at_fission-chips.com.au)
Date: Sun Oct 20 2002 - 22:48:44 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi,

    I noticed that the gmx.net SMTP server was used in a spam run for emails
    claimin to be from gmx.de...

    Is this a case of badly configured, server? badly configured Client? or
    badly configured customer?

    I wonder if this is related?

    Regards,
    T

    On Mon, 2002-10-21 at 13:40, wolfgang wrote:
    >
    >
    > ---------- Forwarded Message ----------
    >
    > Subject: domain homelinux.com is blacklisted
    > Date: Mon, 21 Oct 2002 05:27:43 +0200
    > From: wolfgang <GeneralP.Faultgmx.net>
    > To: someonesomehost.homelinux.com
    > Cc: abusewirehub.net, postmasterhomelinux.com
    >
    > hi ...
    >
    > while checking my daily LogWatch output i noticed that an email from you was
    > discarded by my local sendmail MTA so that i did not receive it.
    > log entry:
    > g9KKb9I24325: ruleset=check_mail, arg1=<.......homelinux.com>,
    > relay=data [127.0.0.1], discard
    >
    > i use the spammer blacklist
    > http://basic.wirehub.nl/spamlist-extended.txt to protect myself locally and
    > the users of another mail server that i admin from spam.
    >
    > since homelinux.com is a dyndns domain it is of course possible that spam has
    > been sent from a machine running with a homelinux.com hostname - and that
    > such spam was reported to wirehub.net so that the entire domain was
    > blacklisted. actually, i would assume that it must have been more than one
    > incident that caused the blacklisting of the entire domain :(
    > this shows the risk of any sender blacklist: "false" positives - something
    > you need to be aware of now that you have your postfix running (and
    > generally when sending emails on this planet with it's growing amount of
    > spam).
    >
    > for more details about wirehub.net's antispam policy see
    > http://basic.wirehub.nl/spamstats.html
    >
    > i have now excluded homelinux.com from "my" servers' active blacklists so
    > that i can receive your mails now, nevertheless you may run into the same
    > problem with other mail servers blocking your email address - i know from
    > the postfix mailing list that several members who administer postfix mail
    > servers use that spamlist-extended.txt as one base for anti-spam rules.
    >
    > i have just found another dynamic dns domain that some friends of
    > mine use in spamlist-extended.txt:
    > ath.cx
    >
    > so it goes.
    >
    > best regards,
    > wolfgang
    >
    >
    > -
    > To unsubscribe, send mail to majordomopostfix.org with content
    > (not subject): unsubscribe postfix-users
    >
    >

    ---------------------------------------
    This email was Scanned by RAV Antivirus
    ---------------------------------------

    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users