Death to all spammers and open relays

[reichhartkg]

I use postfix as an MTA with RAV doing anti-virus/RBL/blacklist/SPAM. When I started using RAV, we actually got a bunch of calls from people who thought there was something wrong with their email because they were only getting about 10% of the SPAM they used to. I looked at the quarentine files for about a week and everything it caught was SPAM. Quite a bit slips through but once a week or so, I go in and blacklist whatever domains have bounce messages sitting in the queue undeliverable.

For those of you running M$ exchange, I'd recommend setting up a unix mail gateway. That way, when you exchange server crashes, your mail will still be delivered and nobody outside the company will know you're having problems. Also, there are many more cheap and reliable anti-spam and virus solutions available in the GNU world.

If you want to go this route and don't know how to do it, PM me for my consulting rates.

 

[Hank]

Ah! another wise one!! I proposed the same thing to one of our customers who can't keep their exchange box up for more than 8 hours at a time..

BTW, thanks for the reminder on RAV, it has been a while since I looked at them.

.

For those of you running M$ exchange, I'd recommend setting up a unix mail gateway. That way, when you exchange server crashes, your mail will still be delivered and nobody outside the company will know you're having problems. Also, there are many more cheap and reliable anti-spam and virus solutions available in the GNU world.

[/B]

Taxxman2k: I am still using sendmail as my mta.. Have not played with postfix yet. Sorry I can not be of help here..

 

[reichhartkg]

Originally posted by taxxman2k
Hank,

You seem to know your email very well. would you happen to know how or know of a good source to tell me how to make my postfix server on my mandrake web server box relay mail though the same place my domino server is relaying through. I seach and just find junk. Am going to continue to search but didn't know if you knew the answer.

Thanks,
Dave

relayhost = [smtp.your.domain]

if you use the brackets, it will use the A record. if you don't use the brackets, it will try to find an MX record for that name and use the corresponding address.

 

[reichhartkg]

Originally posted by taxxman2k
well this sucks. Figured out my problem sending mail from my personal domains to AOL. Has nothing to do with being blocked due to prior relaying or anything:

550 - The IP address you're using to connect to AOL is either open to the free relaying of e-mail, is serving as an open proxy, or is a dynamic (residential) IP address. AOL cannot accept further e-mail transactions from your server until either your server is closed to free relaying/proxy, or your ISP removes your IP address from their list of dynamic IP addresses. For additional information, please visit http://postmaster.info.aol.com.


tell me that doesn't suck. Guess my only option is to get a static IP at home or relay through my server here at work....... anyone know of any major problems to worry about with relaying like that? it is simple enough to set up. Sucks that I have to do it but it will work..... ( I know how in notes, my other server is a different story )

Getting a static IP at home won't work because it will still be out of a block designated for residential use. I route my mail through my work server. AOL is the only domain I've had a problem with.

 

[Raceit]

Well I finailly got rid of my open relay problem. I was using just one box, but I just setup a second behind my firewall. I had to have two instances of my mail server running on my 2K server. Then one of them is the front man that forwards email to my InterScan server so all emails get scanned for viruses and get filtered. Then email gets forwarded onto the second install of my email server to send it out to the world.
It took me a while to figure out the exact setup required to run two different instances of the same email software, but it works great now. I just wanted to mention that here since the fellas on this thread have helped me a lot!

 

[Hank]

Hey, glad we've been of help.

Just wanted to mention that you could solve the whole 2 server and Win2K problem with ONE little teenie-weenie tiny Linux box....


I had 60 users and 8 domains on a P-75 with 16mb RAM, an adaptec AHA-1520 SCSI-II controller with a 9gb disc...

I finally had to upgrade the machine for political reasons... No one could believe the ugly old thing was the internal DNS, DHCP, mail and SQUID proxy server...

All the best.

 

[Raceit]

I'm all for Linux, but I don't have the time to learn it right now. Plus I'm going to try for my MCSE and get that out of the way. So the less confused I can keep myself the better.

Now if I can start to have fun with the goof balls that I've had to block I think I might start to enjoy myself.

 

[Hank]

As you know I am a major anti-spam fanatic, I track down and report spammers, block networks, call legal depts of companies who employ spammers. I run blacklists, whitelists, anti-spam software on our servers. Sell anti-spam services to business. I support the ordb, tmda, spamhaus and many other open source anti-spam projects.

Well today it caught up with me. I have become a target...

Starting at 4:30 this am in Guandong China a massive e-mail spam campain was launched selling Viagra. And guess what my home and office e-mail addresses were used as the reply.

So I woke this am with 18942 complaints, bounce, invalid e-mail address errors in my box...

I have contacted the FBI and FTC and now on the phone with my ISP to save my circuits..

My next visit to China I am going to kill someone!!

 

[Howard]

Originally posted by Hank
So I woke this am with 18942 complaints, bounce, invalid e-mail address errors in my box...

Wow hope it all works out for you.


PS: I would e-mail you but it would probably get lost amongst the many.....lol

 

[Hank]

Hi Howard! Hope all is well.

I've decided to document everything and send a letter to the Chinese embassy in DC. Perhaps I can have this guy shot for embarasing his country.

I am also going to stress how much this has embarassed me and damaged my reputation and business.

Keep you posted.
Hank

 

[Howard]

I wish you all the best Hank and good luck with your quest.

This sort of thing should be blocked by the isp's. Its the scourge of the INTERNET.

 

[EBInterceptor]

Jesus Christ!! That's absolutely insane! I couldn't believe how long I had to scroll through all of those! My worst that I get is all the notices that I get from people responding to posts I've made on this site. That's about 200+ everytime that I check my e-mail, but I'd hate to get millions of e-mails from people that I don't like.

 

[Hank]

Everytime I open my e-mail it looks like the prayers via e-mail scene from Bruce AllMighty...

I'm going to get this guy....

 

[EBInterceptor]

I hope you do get him, I'd love to get the bad guy like that!

 

[JeepMaster]

On My server, the Mailer installed a Catchall mailbox that catches all the mail that doesn't match any name in the domain. I went and deleted the box so now it points to <Site_Blackhole> or \dev\nul

I never get spam to that domain.

Joel

 

[Hank]

Jeepmaster, I think you missed my issue.

I am not receiving spam. My home and office addresses were used as the reply on a spam campaign. I think I pissed one guy off, pretty sure I know who it is but can't prove it yet..

Therefore all bounces and nasty replies from people who can not read a message header get sent back to me.

However since I run a challenge/response system on my server all messages from unknown recepients get a "please confirm " message back from my server.

My pending confrimation box on my server has 19000 messages waiting for confirmation. I periodically review my pending box discovered the mess this am. I have the system set to blacklist and delete messages that are not confirmed in X days.

To see what I mean, send an e-mail to hank@grimmick.com

In order to soothe the complaints from folks I added a message at the top of the confirmation e-mail you will receive. It has stopped the nasty-grams and phone calls..