Sounds like a plain old relay test - if they can force mail through your
system and have it delivered to a third party, you are an open
relay. There were some servers at some level that would take mail with a
local postmaster origin by IP address and forward it. The spammers learned
this, and started using it. Current software has this hole closed.
Whether this was done by a spammer looking for a relay, or because a
spammer had found one and was exploiting it, and your address had been
reported as an open relay, and the people at, say, ordb were testing before
they listed you is almost irrelevant..
The point is that no matter what a third party asserts regarding origin
address or destination, you should not relay mail from one third party to
another. Your willingness to relay mail should be based on a stronger
identification than simply asserting an RFC821 origin.
At 03:57 AM 2002-08-16 -0400, Sharon Tucci wrote:
>We received on a few of our servers bounces to postmaster@[ip]. Someone
>from a pacbell.net IP 63.203.10.230 faked our postmaster@hostname to send
>email to a few (apparently fake) addresses at different blacklists.
>Obviously, the emails bounced back to our postmaster address.
>
>Anyone have any clue about what this test is supposed to accomplish?
--
"Life does not cease to be funny when people die, any more
than it ceases to be serious when they laugh." -- George
Bernard Shaw.
Nick Simicich - njs@scifi.squawk.com
Follow-Ups:
References:
|
|
