[CLUE-Admin] Re: CLUE-Tech post from admin@clue.denver.co.us
requires approval
Lynn Danielson
lynnd at techangle.com
Mon Aug 4 18:36:03 MDT 2003
Jed S. Baer wrote:
>On Mon, 04 Aug 2003 10:59:19 -0600
>Lynn Danielson <lynnd at techangle.com> wrote:
>
>>We're getting more and more mail like this, where
>>folks are mnuning their email
>>to look like it was sent from someone on our server.
>>
>>
>
>It'd help to see some representative headers.
>
OK:
Received: from localhost ([142.3.208.203])
by clue.denver.co.us (8.9.3/8.9.3) with SMTP id QAA10218
for <clue-talk at clue.denver.co.us>; Mon, 4 Aug 2003 16:51:16 -0600
Date: Mon, 4 Aug 2003 16:51:16 -0600
Message-Id: <200308042251.QAA10218 at clue.denver.co.us>
From: admin at clue.denver.co.us
To: Clue-talk <clue-talk at clue.denver.co.us>
Reply-To: admin at clue.denver.co.us
X-Mailer: The Bat! (v1.61)
X-Priority: 2 (High)
Subject: your account crvaavwa
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------3254AE670004BE0"
>The first thing that comes to my mind is to use SpamAssasin, or some other
>bayseian type filtration. The other thing is to require that the From:
>header domain match the originating machine, or something like that. I
>know there are some problems with that, though.
>
Yeah the reverse DNS lookup can be a problem, but I'm beginning to think
it's an acceptable one. But since they are directly using our own sendmail
server as their smtp server, it wouldn't do any good in this case. I
believe
we're what is referred to as an open relay. Which leaves us open to some
horrible abuses. I haven't been paying attention to our logs, so as far
as I
know our server could be getting used to spam the world. But if we're going
to offer email aliases as a membership benefit, it needs to remain open to
some extent.
Later,
Lynn
More information about the clue-admin
mailing list