Seth Lane writes:
I did some testing and this email from abuse.net apparently thinks I am
although for the life of me I can't figure out how. I am also getting
several "bounced" emails/day from Postmasters which I know I didn't send
email too.
Me too. This is called "backscatter" of forged spam.
I semi-automatically blacklist any mail server that bounces anything to me
something that I did not send. This is considered a security hole on the
temporary Internet.
My blacklist is up to a couple of thousand IP address, now.
I went to the URL at bottom but nothing on Courier there. I
know Courier is supposed to stop relaying by default but then how did this
email get to me and why am I getting bounced emails for emails I never
sent?
Here's the email from abuse.net which tested relaying:
Delivered-To: sla...@ping-us.com
Return-Path: <spam...@abuse.net>
Received: from www.abuse.net (www.abuse.net [::ffff:208.31.42.77])
by www.ping-us.com with esmtp; Tue, 27 Dec 2005 07:19:20 -0800
To: sla...@ping-us.com
From: secu...@abuse.net
Subject: Test for susceptibility of ping-us.com to third-party mail relay
Date: Tue, 27 Dec 2005 15:10:08 GMT
Message-Id: <rlyt...@abuse.net>
Sender: sla...@ping-us.com
X-Sender-IP: 162.84.183.84
X-Envelope: <spam...@abuse.net> -> <sla...@ping-us.com>
This is a test of third-party mail relay, generated via the
Network Abuse Clearinghouse at http://www.abuse.net.
Target host = www.ping-us.com [207.234.130.23]
Test performed by <sla...@ping-us.com> from 162.84.183.84
A well-configured mail server should NOT relay third-party email.
Otherwise, the server is subject to abuse by vandals and spammers,
and probable blacklisting by recipients of the unwanted third-party
e-mail.
For information on how to secure a mail server against third-party
relay, visit <URL: http://www.mail-abuse.com/support/an_sec3rdparty.html>.
There's nothing above that suggests that your server is an open relay.
2 messages in net.sourceforge.lists.courier-usersRe: [courier-users] is my server a re...
