Re: [vox-tech] spams originating from my friends server
Quoting Bill Kendrick ([EMAIL PROTECTED]): > When I checked my email this morning, I was greeted with what must have been > about 200 bounced messages. Spams which someone sent, and used one of my > addresses as the "From:" line. So, when the spams hit tons of nonexistant > or blocking addresses, _I_ ended up with them in my inbox. Ja. ;-> I also get a bunch of this sort of thing from people's broken virus-checking programs, every time a new piece of MS-Windows malware comes out. -- Cheers, "This is Unix. Stop acting so helpless." Rick Moen -- D.J. Bernstein [EMAIL PROTECTED] ___ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] spams originating from my friends server
On Tue, Jan 20, 2004 at 11:08:21AM -0800, Bill Kendrick wrote: > Thankfully, I check my email on my ISP, so I don't have to download all of > that junk. Also, I use Mutt, so it was easy to hit [L]imit, type > "failure", and then hold the [D]elete key down for a few seconds to wipe > 'em out. Or in one step as [D]elete-patern "failure" (as opposed to [d]elete) Also probably quicker than your limit as [T]ag-pattern [;](apply next function to all tagged messages) [d]elete That's the power of programs with more features you can ever remember... ;-) ___ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] spams originating from my friends server
On Tue, Jan 20, 2004 at 08:37:31AM -0800, Rick Moen wrote: > Often, it turns out that the complainant is fundamentally mistaken, and > the offending mail never went anywhere near your MTA. People frequently > file mistaken reports of this nature because they credulously believe > forged "From:" and similar headers, having themselves never learned > header analysis. Spammers and creators of malware software typically > cause headers to be forged in order to evade responsibility and shift > all blame onto others (such as your friend). When I checked my email this morning, I was greeted with what must have been about 200 bounced messages. Spams which someone sent, and used one of my addresses as the "From:" line. So, when the spams hit tons of nonexistant or blocking addresses, _I_ ended up with them in my inbox. Thankfully, I check my email on my ISP, so I don't have to download all of that junk. Also, I use Mutt, so it was easy to hit [L]imit, type "failure", and then hold the [D]elete key down for a few seconds to wipe 'em out. Still pretty damned irritating. One day I might become one of those tech-geek-hermits who never use e-mail. (KIDDING) ;^) -bill! ___ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] spams originating from my friends server
Quoting karthikeyan.balasubramanian ([EMAIL PROTECTED]): > One my friend has a server with some limited number of hosting. > > He is managing the whole server through CPanel. Now he is getting > complaints from various people that lots of spam is coming from his > server. Your friend's logical first step is to request copies of the offending e-mails _with full headers_. People often fail to comprehend the latter phrase, or are so unable to use their own mail user agents that they prove hapless to comply, so that first step can be a challenge. Once he is in possession of some sample e-mails, the next step is to analyse SMTP headers to determine the mail's origin. If your friend doesn't yet know how to do that, he's behind the curve and needs to catch up. (What I mean is that it's a prerequisite knack for anyone running an MTA, for reasons your friend is now finding out.) The alt.spam FAQ's tutorial on the subject is as good as any: http://digital.net/~gandalf/spamfaq.html#item2 Often, it turns out that the complainant is fundamentally mistaken, and the offending mail never went anywhere near your MTA. People frequently file mistaken reports of this nature because they credulously believe forged "From:" and similar headers, having themselves never learned header analysis. Spammers and creators of malware software typically cause headers to be forged in order to evade responsibility and shift all blame onto others (such as your friend). Once the mail's IP address of origin has been narrowed down, your friend may no longer bear responsibility for the mail at all. Alternatively, if it _did_ enter the SMTP stream at his host, he can examine his logs to find out from whom, how, and when. > SMTP port is blocked already The above is a bit vague. Blocked from where? Surely it isn't blocked from localhost, for example. -- Cheers, Rick Moen "vi is my shepherd; I shall not font." [EMAIL PROTECTED] -- Psalm 0.1 beta ___ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
[vox-tech] spams originating from my friends server
Hi, One my friend has a server with some limited number of hosting. He is managing the whole server through CPanel. Now he is getting complaints from various people that lots of spam is coming from his server. Now the question is 1. How to trace which user is sending these spams? 2. How to stop it. Additional Info : Server Redhat 9.0 Mail Server : Exim SMTP port is blocked already Any inputs are welcome. Karthikeyan B ___ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech