FC: Send email, get your server probed as a possible spam source?

From: Declan McCullagh (declanat_private)
Date: Mon Feb 24 2003 - 08:07:15 PST

  • Next message: Declan McCullagh: "FC: Rep. Berman may not reintroduce P2P hacking bill"

    [Is it any wonder why so few people read postmaster@domainname email 
    anymore? --Declan]
    
    ---
    
    Date: Sat, 22 Feb 2003 18:26:29 -0800 (PST)
    To: Declan McCullagh <declanat_private>
    Subject: relay testing to the extreme
    From: Chris Caputo <ccaputoat_private>
    
    
    You gotta love the last paragraph of the relay probe below.
    
    In less than a minute tofu.alt.net (my main mail server) received 29 probe
    messages of various types, like the one below, from bnr.ca, because
    apparently bnr.ca received, oh my gosh, an email from my server.  As
    postmaster, when the probe messages don't work, as they should not if you
    don't allow open relaying, the messages end up in my mailbox.
    
    Is this (every server checking every server for open relay ability) the
    future of spam avoidance?
    
    The funny thing is that it looks like this was in response to my server
    bouncing messages back to bnr.ca due to spam that bnr.ca sent to invalid
    addresses at my domain!
    
    Chris
    
    ---------- Forwarded message ----------
    Date: 23 Feb 2003 00:53:32 -0000
    From: MAILER-DAEMONat_private
    To: nobodyat_private
    Subject: failure notice
    
    Hi. This is the qmail-send program at tofu.alt.net.
    I'm afraid I wasn't able to deliver your message to the following addresses.
    This is a permanent error; I've given up. Sorry it didn't work out.
    
    <relaytester%bnr.caat_private>:
    Sorry, no mailbox here by that name. (#5.1.1)
    
    --- Below this line is a copy of the message.
    
    Return-Path: <nobodyat_private>
    Received: (qmail 9824 invoked from network); 23 Feb 2003 00:53:17 -0000
    Received: from qcare034.nortelnetworks.com (HELO nortelnetworks.com) 
    (47.248.124.34)
       by tofu.alt.net with SMTP; 23 Feb 2003 00:53:17 -0000
    Message-ID: <pdn2M_w9ri6EloSn2PyjXlRJ#nT#BwxIat_private>
    Date: Sun, 23 Feb 2003 00:52:57 +0000
    To: <relaytesterat_private>
    Subject: Open Relay Test Message
    
    DSBL LISTME: smtp 207.14.113.2
    pdn2M_w9ri6EloSn2PyjXlRJ#nT#BwxI
    MAIL FROM:<nobodyat_private>
    RCPT TO:<"relaytester%bnr.ca">
    DSBL END
    
    This message is a test of your mail server to determine if
    it will perform relaying (re-sending) of e-mail messages
    for unauthorized outside parties.  This capability, if
    enabled in your mail server, is widely considered to be
    serious flaw in mail server security.
    
    Your mail server is being tested for relaying capability
    because we have received mail from it and wish to determine
    its likelihood to be abused by spammers.
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    -------------------------------------------------------------------------
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Mon Feb 24 2003 - 08:22:32 PST