Subject: Re: what's wrong with my sendmail?
From: shortpier (shortpier@shortpier.is-a-geek.com)
Date: Tue Nov 11 2003 - 18:45:06 AKST
Does your mail servber have any firewall rules?? ... IE does the IP of
the src comp have to match the netmask?... One way I could see this is a
manual route on a machine with your EXTERNAL ip being the gateway to
your internal ip ....
IE route add <internal private IP> gw <external IP> and if that is the
case you will route anybody and relay for anybody who has the routing
info...
Shortpier
On Thu, 2003-11-13 at 12:03, Justin Dieters wrote:
> Yes, but obviously, my domain isn't bigfoot.com, it's enderak.com.
>
> Justin
>
>
> W.D. McKinney wrote:
> > On Thu, 2003-11-13 at 10:41, Justin Dieters wrote:
> >
> >>Okay, I talked to GCI, and they are saying it's not an open relay, but the messages were coming directly from my network. I don't have any Windows machines, just an iMac and a couple Linux boxes. Do you think it might be a compromised box? Here's what GCI sent me:
> >>
> >>Received: from mail2.bigfoot.com (79-2-237-24.gci.net [24.237.2.79])
> >> by mmp-2.gci.net
> >> (iPlanet Messaging Server 5.2 HotFix 1.14 (built Mar 18 2003)) with SMTP id
> >> <0HO900B5ZC768J@mmp-2.gci.net>; Wed, 12 Nov 2003 12:12:01 -0900 (AKST)
> >>Date: Wed, 12 Nov 2003 12:11:58 -0900 (AKST)
> >>Date-warning: Date header was inserted by mmp-2.gci.net
> >>From: Angella <kksrf@bigfoot.de>
> >>Subject: it will help
> >>To: "lmwopcm@yahoo.com" <lmwopcm@yahoo.com>
> >>Message-id: <0HO900B61C768J@mmp-2.gci.net>
> >>MIME-version: 1.0
> >>Content-type: text/html
> >>Content-transfer-encoding: 7BIT
> >>
> >
> >
> > So is your connection 24.237.2.79 ? The million $ question.
> >
> > Dee
> >
> >
> >
> >
> >
> >><html>
> >><body>
> >><br>
> >>C<!--bnF-->ya<!--bnF-->lus is now available to consumers.<br>
> >>Cy<!--bnF-->alus is sup<!--bnF-->erior to Vi<!--bnF-->agr<!--bnF-->a.<br>
> >>Cyal<!--bnF-->us is super<!--bnF-->ior because:<br>
> >>It acts faster (within 30 minutes).<br>
> >>It lasts much longer (up to 36 hours).<br>
> >>It has far fewer Side effects.<br>
> >>We offer:<br>
> >>Low manufacturer direct pr<!--bnF-->icing.<br>
> >>Private de<!--bnF-->livery to your home.<br>
> >>No Doctor's Con<!--bnF-->sutation required.<br>
> >>100% Mon<!--bnF-->ey Back Guar<!--bnF-->antee.<br>
> >><a href="http://www.med32zd.com/">Why pay twice as much when<BR>
> >>Cyal<!--bnF-->us is a far superior pro<!--bnF-->duct<BR> and is only a
> >>cli<!--bnF-->ck away?</a><br><BR>
> >><br>
> >></body>
> >></html>
> >>
> >>B
> >>
> >>
> >>
> >>
> >>
> >>
> >>>Post the headers that GCI says is evidence that your server was an
> >>>openrelay so we can check it out. It may be that a junior admin
> >>>at GCI was a
> >>>little hasty in jumping to the conclusion that you were open, or
> >>>it may be
> >>>that you were actually open.
> >>>
> >>>Mike
> >>>
> >>>---------
> >>>To unsubscribe, send email to <aklug-request@aklug.org>
> >>>with 'unsubscribe' in the message body.
> >>>
> >>>
> >>
> >>---------
> >>To unsubscribe, send email to <aklug-request@aklug.org>
> >>with 'unsubscribe' in the message body.
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
---- Attached file included as plaintext by Listar -- -- File: signature.asc -- Desc: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/sazCNyWzwlj5xp4RAvGCAJsEOObwG2Ba5kcDLZuMvDDP5DXvrQCfch64 4hyRrw0L4U/6eU9Ogj24m90= =iqUO -----END PGP SIGNATURE-----
--------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Thu Nov 13 2003 - 12:17:28 AKST