|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: open relay
From: /dev/rob0 (rob0
gmx.co.uk)
Date: Tue Aug 08 2006 - 15:19:09 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tuesday 08 August 2006 14:41, Covington, Chris wrote:
> > I was blocked by my isp provider because i was an open relay?????
>
> Are you running a webserver or proxy server on the same box? Maybe
> your apache/squid/whatever is compromised and is submitting mail
> locally, which is not a Postfix problem.
Right, that or perhaps doing NAT for a Windows virus; non-Postfix spew
will come from the same IP. The ISP ticket had this:
> [ Offending message ]
> Received: from ns4.gisnet.nl ([62.75.209.186]) by bcs-israel.com with
> MailEnable ESMTP; Mon, 07 Aug 2006 10:50:25 +0200
> Received: from 62.75.209.186 (unknown [58.50.52.178])
> by ns4.gisnet.nl (Postfix) with SMTP id 87E41E62694
> for <x>; Mon, 7 Aug 2006 09:45:01 +0200 (CEST)
and hereon are bogus Received headers:
> Received: from 232.128.68.252 by 58.50.52.178; Mon, 07 Aug 2006
> 00:43:36 - -0700
That did NOT go through your Postfix, if I am correct in thinking that
neither 62.75.209.186 nor 58.50.52.178 are you. Block NAT clients from
going out on 25/tcp, find and disinfect your Windows zombie[s].
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]