May 17th, 2003, 06:20 PM
Here's my RANT on spam. Accidentally, I left SMTP relay open on my mail server. (dumb dumb dumb) Within 12 hours there were over 1500 emails relayed.
What was interesting is everyone was from AOL accounts in China. And everyone contained a CC to net-promoter.net.
To my mind; those FREE AOL CD's are being used/abused by the spammers. Net-Promoter.net seems to be the 'culprit' here by actively promoting spam mail. (even though their site says otherwise)
Cannot have net-promoter shut down. Wouldn't help anyway cause they would just open up under a new name.
AOL won't stop sending out Free CD's. Their stock prices fell from $96 to $14 and they NEED the money.
That's it. I have vented my spleen.
May 17th, 2003, 07:18 PM
Well, I hate to say it but you learned a valuable lesson....Always test new mail servers to see if they are an open relay.
And the part about AOL discs being given away. What in the hell else would I use for target practice with my paintball gun???? Those are integral part of my day.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
May 17th, 2003, 07:23 PM
Wow man that sucks well i guess u wont ever do that again will you. Lmao!! 1500 e-mails damn man u got screwed over pretty good. -Twisted
May 17th, 2003, 09:24 PM
Even beyond just the open relay some will look for servers that relay then try to find an existing account. In other words they'll hack an email server. this and other tricks they'll use.
You best bet is to block all incoming packets from these location (countrys) either at the router or with a firewall. i mean really how many of us have ligitimate incoming communications with china unless you have people there or are a multi-national conglomerate.
just block entire IP ranges or subnets like:
188.8.131.52 - 184.108.40.206
(i have the list at work if your interested)
the only things we get from china and S E Asia in general are spam, porn and hack attempts
If you dont the next hole thats found will be used against you.
A couple of years ago, before i knew better 15k spam letters went threw my server in one day. it was so intense we couldnt send or receive any mail. even after i stopped the relaying they kept coming, tieing up our sever sending 'user not local' messages by the score. it took me 2 week to find all the black hole lists we'd been added too and get retested and our ip addy removed.
just block them all.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
May 18th, 2003, 03:19 AM
many ISP's like earthlink/mindspring will actually disallow relaying unless your on their networks as well. Our mailservers too are pretty nazi when it comes to who can relay and who cant.
If the only people that need to send mail are inside your subnet, no point in denying access to certain ranges, just deny all and open the subnet you need to relay from. this is the same preferred tactic with any firewall...
start with a good deny any any and open whatcha need... most mail servers will also let you specify limits on how many recipients per envelope and other options that will help you perform some damage control should someone relay anyways. Look into whats available for your mail server in those regards to add a little extra safety.
Spam is definately not going away, and the more idealistic we get in blocking it the more inventive others will get in sending it.... it's a vicious cycle.... stop the world I wanna get off!!!
I\'ll preach my pessimism right out loud to anyone that listens!
I\'m not afraid to be alive.... I\'m afraid to be alone.