Subject: Re: MTA listed as a SPAMMER by spamcop.net
From: Tom (thogland@alaskatech.org)
Date: Thu Aug 22 2002 - 12:34:14 AKDT
> > On Wed, 21 Aug 2002, Greg Jetter wrote:
> > Hey folks this was interesting , this morning a friend ask me to rela=
y a
> > e-mail to another friend because it was being bounced , turns out =
it was
> > bounced because the final destination machine was listed as a spam mac=
hine
> > with spamcop.net . funny thing is it's the mail server for MTA !
> >
> > so if your a customer and been having problems with bounce mail this m=
ay be
> > your problem , take a look for yourself
> > =A0http://spamcop.net/bl.shtml?12.6.42.4
>
> On Thu, 22 Aug 2002, Mike Tibor wrote:
> Unless Spamcop is modifying the headers in the example spam messages that
> they show came from goliath.mtaonline.net, Goliath the SOURCE of the spam=
,
> not an open relay. It's noteworthy that in those examples the first
> received line (which doesn't appear to be forged) shows Goliath's sendmai=
l
> accepted the messages for delivery from "nobody@localhost". This would b=
e
> consistent with the use of formmail.pl on Goliath (a horribly insecure
> form to email perl script--this month alone I've had 117 probes for it on
> just one server). The alternative is that someone with shell access may
> be sending out the spam, but I think that would be unlikely.
I've basically ignored this, except as a curiosity, because although I'm
on MTA's DSL, I have my mail server hosted at GCI. Then, I read Mike's
reply. My server name is Goliath... So, I check for formmail.pl, and don't
find it anywhere. Since I'm still wondering if it decided to append my
mtaonline.net DSL ID to the goliath server name, I check further...
What's the chances of having *two* mail servers named Goliath up here?
MTA's mail server is apparently named Goliath, too... At least, pinging
goliath.mtaonline.net comes back with 12.6.42.1, which is also aliased to
mail.mtaonline.net...
On another note, is anyone a pro at samba NT domains? I'm hearing
rumblings about users wanting this, and a few managers are starting to
also. (Even heard "we should set up a domain, so we can move all our mail
to Exchange and Outlook". Fortunately, that got squashed...) Ideally, I
could present a solution of Samba doing domain logins; a big bonus would
be if it could authenticate against the state LDAP server, also, as a "if
not found locally look at LDAP" kind of setup... We're using a NIS server
for the systems now, so it's also possible to use that as the master
password database, if that's simpler/easier.
If someone wanted to do this as an example for a meeting, or maybe at the
next InstallFest, I could probably dig up a server to use; it'd most
likely be a Proliant P2-350, which wouldn't be sufficient for production
use (~500 users), but would be a good testbed to prove it.
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Thu Aug 22 2002 - 12:51:01 AKDT