[TriLUG] Access for sending mail through smtp-server.nc.rr.com

Steve Williams spwilliamsjr at hotmail.com
Thu Aug 5 14:41:36 EDT 2004 

As long as your network connectivity is still working, you havent been
*suspended* from service.  All you've run up against is the limit to the #
of emails that can be sent in one 24 hour period.

Are you *positive* that you've removed all of the queued messages from the
system?  They will likely sit there waiting for the ability to send again,
at which point you'll send and send until the daily limit is reached
again...

To "track them down" you'll need to look at the headers of the emails to see
if that gives any clues - though its very likely those were forged and wont
give any good info.  Do you have any connection logs that would show where
the connections came from?  If you "track them down", what do you think you
could do about it?  You were the one who put the unprotected email server on
the internet...

-Steve

----- Original Message ----- 
From: "Michael Thompson" <thompson at easternrad.com>
To: "Triangle Linux Users Group discussion list" <trilug at trilug.org>
Sent: Thursday, August 05, 2004 12:42 PM
Subject: Re: [TriLUG] Access for sending mail through smtp-server.nc.rr.com


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> 1.  Call RR to explain that you no longer have an open relay and ask
> nicely to have them turn your service back on.
>
> 2.  Remove the Windows machine from the net.  The next M$ vulnerability
> or virus will get you spamming again in no time, and we all *really*
> appreciate that.</sarcasm>  There are a number of nice mail servers for
> Linux, and you can get them for free.  I'm sure that there are many
> helpful people on this list who can assist you, of course *after* you've
> read the basic documentation.  (Trilug helps those who help themselves)
>
> 3.  Repeat this statement 1000 times in your head:
>
> ~    "I will not put untested mail servers on
> ~     the net and contribute to spam..."
>
> 4.  Dont get offended by the multitude of flames that are most likely to
> come your way for mentioning that *other* mail server on a Linux list.
> Hey, you asked for it!  ;-)
>
> 5.  Install/Learn/Love Linux and join the many happy computer users who
> do not fret over viruses, unpatched security flaws, silly licensing
> schemes, etc...
>
> - --mike
>
>
>
> Spain, Jamil wrote:
> | Hello all..
> |
> | I have an exchange server 5.5. running from home off my cable modem.. It
> | handles mail for 1 domain as of right now.  It's been running for about
> | 2 weeks, and I didn't yet shutdown open relay.  well it seems someone on
> | the internet found it would relay mail and was using it to send out spam
> | ( quite a few messages ) last week... Of course, the exchange server was
> | configured to accept mail and forward mail to be sent out to
> | smtp-server.nc.rr.com ..
> |
> | well I now get those outbound error notices that they cut off smtp
> | privileges from my 24.x.x.x IP.  once they started rejecting sending, I
> | received over 80,000 spam messages that are currently clogged into my
> | postmaster mailbox for all of last week.. I've closed the relay issue,
> | but now I just want to get to sending out mail again through their smtp
> | server..
> |
> | Is there anyway to get it back activated?  maybe by calling tech
> | support?
> | Since I've closed the open relay, can spammers still get in since they
> | had access before?
> | How can I track them down?
> |
> |
> | ________________________________
> |
> | Sincerely,
> | Jamil Hassan Spain
> | NC School of Science and Mathematics | ITS DEPARTMENT
> | Phone: 919-416-2641
> | Web: www.ncssm.edu <http://www.ncssm.edu/>
> | Email: spain at ncssm.edu
> | ________________________________
> |
> |
> |
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (Darwin)
>
> iD8DBQFBEmNpuxlRkoWKZoMRAo0wAJ0cmMIApGSys0gN5Esfy8YZRs8vnwCcD0R6
> 1rGUgR59fSLO8mCNyNnZqkQ=
> =jWpS
> -----END PGP SIGNATURE-----
>
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>

More information about the TriLUG mailing list