[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Returned mail... am i relaying? aaugh!

On Mon, Jan 27, 2003 at 01:26:03PM -0500, Derrick 'dman' Hudson wrote:
> On Mon, Jan 27, 2003 at 11:09:54AM -0600, will trillich wrote:
> | does this [see attachment] indicate that some spammer has found
> | a way to get me to relay his mail? aaugh!
> 
> No.  It means you are the victim of a spammer using your addess as the
> return address.
> 
> Follow the headers in the message :
[snip clear, step-by-step sherlocking]
> Your system is ok, Will.  It is unfortunate, however, when spammers
> can abuse correct but sub-optimal SMTP servers to deliver the spam as
> a bounce.

very nice explanation. i'll be able to do s'more of my own
snooping next time. many thanks!

-- 
I use Debian/GNU Linux version 3.0;
Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown
 
DEBIAN NEWBIE TIP #124 from dman <dsh8290@rit.edu>
:
So you've decided to BLOCK ALL TRAFFIC EXCEPT SSH.  What you
need to do is specify the port to allow.  ssh uses port 22 by
default -- With iptables try:
    iptables -A INPUT -p TCP --dport ssh -j ACCEPT
This says that in the input chain, for tcp packets, if the port
number matches ssh in /etc/services then accept the packet
regardless of IP addresses.  (This should give you a pointer
towards the necessary ipchains options if you don't have
iptables available.)

Also see http://newbieDoc.sourceForge.net/ ...
Reply to: