on Wed, Dec 27, 2000 at 11:57:54PM +0100, Peczoli Zoltan (pocok@pcdome.hu) wrote: > Hi, > > > > Envelope-to: somebody@mydomain.com > > > Received: from [212.108.236.133] (helo=d4t2e9) > > > by mydomain.com with smtp (Exim 3.16 #1 (Debian)) > > > id 149C7D-0000vQ-00 > > > for <somebody@mydomain.com>; Thu, 21 Dec 2000 21:15:04 +0100 > > > MIME-Version: 1.0 > > > Content-Type: multipart/mixed; boundary="--VE74123GD23SXEF4TEZW167" > > > Message-Id: <E149C7D-0000vQ-00@mydomain.com> > > > From: Remote Mail Delivery System <> > > > Bcc: > > > Date: Thu, 21 Dec 2000 21:15:04 +0100 > > > Status: > > > X-PMFLAGS: 570949760 0 1 P29A60.CNM > > > If you're 212.108.236.133, then yes, it appears you're relaying. It's > > the "Received:" lines you want to trace. I'm finding this to be near > > s0-mezokovesd.elender.hu. That you? > > No, it seems like a dial-in user of an ISP. I have no idea who this could > be. What is the (helo=d4t2e9) part? That's part of the MTA acknowledgement, I think. I don't know mail transfer protocols very well. > Anyway, my exim config says: > > host_accept_relay = localhost > > so it seems Exim does not relay for anyone except localhost (which in this > case means mydomain.com) How do you get your mail -- direct to port 25, or from a POP or IMAP server someplace? > > Procmail or specific IP blocks in your MTA. > > Specific IP blocks don't work on dial-in spam, while procmail does its job > on per-user basis, but a system-wide solution would be better. Am I wrong? See DUL blocking at RBL. You haven't defined what your system is, it's hard to give a fix. Are you a single box, a network, an ISP, something else? How many users? What kind of fix, how secure a block? -- Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/ Evangelist, Zelerate, Inc. http://www.zelerate.org What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
Attachment:
pgpjfD7T0_q4Y.pgp
Description: PGP signature