Re: Be careful

[Robert Creager <Robert_Creager@LogicalChaos.org>]

When grilled further on (Fri, 26 Mar 2004 08:55:25 -0600),
David Dunbar <ddunbar@geocenter.com> confessed:

> 
> If you are getting a lot of bounced messages you may want to check that 
> your mail server is not an "open relay". Our old one was and it was 
> getting hammered by spammers sending junk through it. We got put on a 
> couple of black lists until I replaced the server with the latest 
> Sendmail.

I know this isn't the case.  The trail in the e-mail headers clearly shows just
plain old domain spoofing.  Plus, I'm using www.iniquinet.com for my domain
management, not my personal machine, and they have some good practices in
place.  Here is an example of the spoofing:

Received: from microsoft.com ([211.242.26.153])
          by priv-edtnes14-hme0.telusplanet.net
          (InterMail vM.6.00.05.02 201-2115-109-103-20031105) with SMTP
          id
<20040207061548.SUTV22100.priv-edtnes14-hme0.telusplanet.net@microsoft.com>     
    for <brianmac@agt.net>; Fri, 6 Feb 2004 23:15:48 -0700
Received: from sdsp.mc.xerox.com [83.71.75.94] by crl.kyocera.co.jp (Postfix)
with ESMTP id 083F13DB4275 for <brianmac@agt.net>; Fri, 06 Feb 2004 23:11:03
+0000 Date: Fri, 06 Feb 2004 23:11:03 +0000
From: cris@logicalchaos.org
Subject: *TELUS Detected Spam* Brianmac, How I became Mr. King DongzHbZHaqxRez8?
To: Brianmac <brianmac@agt.net>
References: <BB1D9F69412242B0@agt.net>
In-Reply-To: <BB1D9F69412242B0@agt.net>
Message-ID: <DB80B94848BCE2F9@logicalchaos.org>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit

-- 
 08:03:55 up  9:46,  1 user,  load average: 5.04, 4.62, 4.31
Linux 2.4.21-0.14 #67 SMP Wed Mar 24 19:04:06 MST 2004

PGP signature