A mail I just sent Atul Chitnis - for the general comments of the list.
All help appreciated and solicited. You people are the small
majority of people clued enough to appreciate this danger.
> Please keep discussing and suggesting. I will probably not be able to
> read my mail (apparently the connectivity isn't too great where we are
> going) until Wednesday, so please don't don't assume that we lost
> interest! ;-) Jessie and KD of ILUG-BLR will continue to coordinate
> matters.
--------
Hello
We at the Coalition Against Unsolicited E-Mail ( CAUCE -
http://www.cauce.org ) have recently formed a chapter in India.
Briefly, CAUCE is a voluntary organization dedicated to fighting
spam (unsolicited commercial / bulk email).
We would like to give a short presentation (or request you people -
especially the Bangalore Linux User Group) to focus on this at the
IT.COM expo.
India is a ticking time bomb - with a huge number of anonymous
open relays (mostly outdated sendmail boxes, insecure Exchange /
cc:Mail networks ...) ready and waiting for the first spammer to
misuse them.
- From my participation in various anti spam groups, and my
personal experience, India is, sadly, becoming a favourite hunting
ground for spammers searching for open relay SMTP servers to
relay their spam through.
Recent examples include -
- ---------------
[1] BARC - the most well documented case. MilW0rm used several
well documented security holes in the ancient version of sendmail
BARC was running to break in, delete mails etc etc.
[2] tifr.res.in (Tata Institute of Fundamental Research)-
SMI/SVR4, AIX 3.x etc boxes, recently hit by a spammer - leading
to a server crash. The spammer has since been identified by a
member of the SpamL mailing list [*] and I have passed this info to
TIFR's syadmin for further action.
[*] SpamL - [EMAIL PROTECTED] is an anti spam list of
mail admins / sysadmins of ISPs (like Earthlink / Digex / PSI) /
backbone providers (UUNet) / Web hosts (Verio / Concentric etc) ....
as well as ordinary users who are concerned about the spam
problem.
[3] kar.kar.nic.in (National Informatics Center, Bangalore)
SMI/SVR4 box - hit by a spammer. and listed on an anti spam
blacklist called the MAPS RBL (Realtime Blackhole List)
<http://maps.vix.com/rbl/candidacy.html> which shut them off from
over 40% of the Internet.
They have now (after I pointed them to a few resources re this)
upgraded their box to sendmail 8.9.3 and will shortly be delisted
from the RBL.
[3] giascla.vsnl.net.in - VSNL Calcutta - SMI/SVR4 box. No response
from them yet (even after forwarding a copy with full headers) of the
spam, info on how to close their open relays etc etc. Listed in the
RBL - Part of VSNL Calcutta cut off from 40% of the Internet.
[4] mailbg.vsnl.net.in - VSNL Bangalore. SMI/SVR4 or even older
version of sendmail. No response yet - same as their colleagues in
Calcutta.
etc etc etc.
- ----------------
> We would like to give a short presentation (or request you people -
> especially the Bangalore Linux User Group) to focus on this at the
> IT.COM expo.
I hope you see the urgency of this problem and will help me (or
rather the entire Internet community in India) in this matter.
Suresh Ramasubramanian | CAUCE India | http://www.cauce.org
[EMAIL PROTECTED] | [EMAIL PROTECTED]
Phone: +(91-40)3736553/3745398 | eFax: +(1-603)590-5437
Stop Spam | Join CAUCE | http://www.cauce.org
---s
Smeagol Gollum | [EMAIL PROTECTED] | (aka) Suresh R.
http://www.kcircle.com | http://www.angen.net/~pegasus/
Phone: +(91-40)3736553/3745398 | eFax: +(1-603)590-5437
Headline for the day:
Miners refuse to work after death
--------------------------------------------------------------------
The Linux India Mailing List Archives are now available. Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.
