Joe
� File Name Size From Time Stamp Recipient S.0000344444 5K [EMAIL PROTECTED] 9:47:19 AM [EMAIL PROTECTED] S.0000344445 6K [EMAIL PROTECTED] 9:47:21 AM [EMAIL PROTECTED] S.0000344447 2K [EMAIL PROTECTED] 9:47:21 AM [EMAIL PROTECTED] S.0000344446 6K [EMAIL PROTECTED] 9:47:23 AM [EMAIL PROTECTED] S.0000344449 6K [EMAIL PROTECTED] 9:47:25 AM [EMAIL PROTECTED] S.0000344450 6K [EMAIL PROTECTED] 9:47:27 AM [EMAIL PROTECTED] S.0000344451 6K [EMAIL PROTECTED] 9:47:28 AM [EMAIL PROTECTED] S.0000344453 2K [EMAIL PROTECTED] 9:47:29 AM [EMAIL PROTECTED] S.0000344452 6K [EMAIL PROTECTED] 9:47:29 AM [EMAIL PROTECTED] S.0000344454 5K [EMAIL PROTECTED] 9:47:31 AM [EMAIL PROTECTED] S.0000344457 6K [EMAIL PROTECTED] 9:47:35 AM [EMAIL PROTECTED] S.0000344459 2K [EMAIL PROTECTED] 9:47:36 AM [EMAIL PROTECTED] S.0000344458 6K [EMAIL PROTECTED] 9:47:37 AM [EMAIL PROTECTED] S.0000344462 2K [EMAIL PROTECTED] 9:47:38 AM [EMAIL PROTECTED] S.0000344461 5K [EMAIL PROTECTED] 9:47:39 AM [EMAIL PROTECTED] S.0000344465 2K [EMAIL PROTECTED] 9:47:40 AM [EMAIL PROTECTED] S.0000344464 5K [EMAIL PROTECTED] 9:47:40 AM [EMAIL PROTECTED] S.0000344467 6K [EMAIL PROTECTED] 9:47:42 AM [EMAIL PROTECTED] S.0000344470 2K [EMAIL PROTECTED] 9:47:42 AM [EMAIL PROTECTED] S.0000344469 6K [EMAIL PROTECTED] 9:47:43 AM [EMAIL PROTECTED] S.0000344473 2K [EMAIL PROTECTED] 9:47:44 AM [EMAIL PROTECTED] S.0000344472 6K [EMAIL PROTECTED] 9:47:44 AM [EMAIL PROTECTED] S.0000344477 6K [EMAIL PROTECTED] 9:47:49 AM S.0000344479 6K [EMAIL PROTECTED] 9:47:52 AM [EMAIL PROTECTED] S.0000344480 6K [EMAIL PROTECTED] 9:47:53 AM [EMAIL PROTECTED] S.0000344482 2K [EMAIL PROTECTED] 9:47:54 AM [EMAIL PROTECTED] S.0000344481 6K [EMAIL PROTECTED] 9:47:56 AM [EMAIL PROTECTED] S.0000344486 2K [EMAIL PROTECTED] 9:47:57 AM [EMAIL PROTECTED] S.0000344485 6K [EMAIL PROTECTED] 9:47:57 AM [EMAIL PROTECTED] S.0000344489 2K [EMAIL PROTECTED] 9:47:59 AM [EMAIL PROTECTED] S.0000344491 2K [EMAIL PROTECTED] 9:48:01 AM [EMAIL PROTECTED] S.0000344495 6K [EMAIL PROTECTED] 9:48:04 AM [EMAIL PROTECTED] S.0000344497 5K [EMAIL PROTECTED] 9:48:05 AM [EMAIL PROTECTED] S.0000344500 6K [EMAIL PROTECTED] 9:48:08 AM [EMAIL PROTECTED]
On Dec 7, 2003, at 10:03 AM, Joe Sporleder wrote:
Dear Fellow SIMS users,
I am using SIMS version 1.8B9d14. For the second time in about the last 3 weeks, my server has been hijacked by spammers apparently relaying their crap through my server. Anyways, that is what I am led to believe when SIMS stops responding because it has run out of memory, and I find almost 28,000 messages stuck in the Queue folder. The only way I can recover this is delete the whole queue folder and let SIMS rebuild a new one. The first time I accepted responsibility and figured that an IP in my CLient Hosts was an open relay and they were getting to me through it. However, I deleted every single IP address in the Client Hosts IP list, so the only way anyone should be able to relay is the clients on this SIMS server.
Thus, I have no IPs in the Client Host lists, I have a long list in my Black Listed IPs, I have use Blacklist DNS Servers checked, I have verify return paths checked, and I use several RBLs, which include the following.
cbl.abuseat.org opm.blitzed.org sbl.spamhaus.org cn-kr.blackholes.us singapore.blackholes.us nigeria.blackholes.us malaysia.blackholes.us brazil.blackholes.us relays.ordb.org korea.services.net
So, how can I have all of this junk that appears to be relays in my Queue when I have every single anti-spam option checked? The first time, I was fortunate that this old PowerMac 8500 doesn't have a lot of memory and SIMS clammed up early. My IP, 199.3.212.41 was reported to ORDB to check for an open relay, but it passed. But apparently there is something wrong here. I have my SMTP logging set as high as it'll go, but I have a 38MB log so far for today, and am not sure what to look for as a clue to what is going on here. Any help would be greatly appreciated. We are a very small publishing company with simple email needs, but maybe we need to look at a commercial solution. I also use SIMS on my home network as a hobby to run mailing lists, so I would like to keep running SIMS there (from which I am sending you this email), so far it hasn't been attacked by spam relayers.
Thus, with all of the anti-spam options on, and relaying for clients only, how can spammers get in and use me as a relay? Most of my users are on Macintoshes, except for perhaps a couple of outbound sales people and a couple of advertisers, and most of those have dial up connections.
Joe Sporleder a Desperate SIMS administrator!
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
