Results 1 to 7 of 7

Thread: Need Urgent Help

  1. #1
    Junior Member
    Join Date
    Oct 2001
    Posts
    1

    Need Urgent Help

    so two weeks ago my domain hosting company had a major DOS attack and I received spam email addressed to me from my own website url address. I used Sam Spade to trace the IP in the headers and discovered that they were compromised.

    I reported the problem to the domain company and since they were working on it... except for today I recieved yet another spam email .. I am sooo tired of getting these emails and I can't even email the tech support people at hostsave, it gets intercepted from the spammers... anyone can help?
    Doing Research on the Web is like using a library assembled piecemeal by packrats and vandalized nightly

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    If you have their number call them and see whats up. if you don't have a number do a whois on them.
    =

  3. #3
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    Try some anti-spam software and also change your settings to accept email from just addresses you tell it to. unless u need the email for public use too. Also...which domain did u call? Yours or the one where the spam was coming from? do a neotrace on the IP as well as the /whois mentioned above.

    I'm sorry for the post, I saw the date only after I clicked submit. I hope it still helps her tho

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    sounds like their still owned and either dont know or dont really care lthough i fail to see how a DoS attack can lead to a compromised system so i better ask:

    What exactly are you calling spam? to me and everyone else spammers mass mail ads for money. grabing your email is not really high on their agenda,

    you say you traced the header IP addys and found them to be compromised, How? Sam Spade does not tell you that, unless your reading something into the term "bogus" that isn't there.

    i guess i just dont understand what your saying
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Tell your ISP (or whoever is hosting your mail) to disable SMTP relaying, or configure it correctly. This should resolve the problem

  6. #6
    It may not be compromised at all. They could unknowingly have an open SMTP relay (very common) which the spammer could be sending email. And it sounds like an open SMTP relay was used in conjunction with a spam program, which is why you received mail from yourself seemingly.

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    thats what it sounds like except for this:

    "I can't even email the tech support people at hostsave, it gets intercepted from the spammers... "

    so i checked and looks like it is an open relay:

    220 logs-xxxxxxx.com ESMTP Sendmail 8.12.9/8.12.9; Thu, 24 Jul 2003 00:01:05 GMT

    HELO hostsave.com
    250 logs-xxxxxxx.com Hello AC913548.ipt.aol.com [172.145.53.72], pleased to meet you

    MAIL FROM:<<me>.com@hostsave.com>
    250 2.1.0 <me.com@hostsave.com>... Sender ok

    RCPT TO:<me.com>
    250 2.1.5 <me.com>... Recipient ok

    DATA
    354 Enter mail, end with "." on a line by itself

    To: me.com

    From: me.com (Spade relay check)

    Subject: hostsave.com relay check

    .
    250 2.0.0 h6O0157u228395 Message accepted for delivery

    QUIT
    221 2.0.0 me.com closing connection

    wouldn't it be ironic if hostsave subscribes to a black-hole service and thats why she can't reach tech support?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •