Great Circle Associates List-Managers
(August 2002)
 


Subject: Re: Open relay probe
From: Sharon Tucci <Sharon @ listhost . net>
Date: Fri, 16 Aug 2002 15:42:42 -0400
To: <list-managers @ greatcircle . com>
In-reply-to: <5.1.0.14.2.20020816120534.28ea0d08@127.0.0.1>
References: <5.1.0.14.0.20020816034301.0297a6c0@pop.slingshotmedia.com>

Thanks Nick, but the thing is --- other than the bounce coming back to our 
postmaster addresses, the emails did not touch our server. The SMTP of 
pacbell.net was used for sending them and not our server.

It's like - if someone sent an email out under your return address using a 
third party SMTP and it went to invalid recipients - wouldn't you receive 
the bounces from it?

When I looked at our logs, it showed that a number of different standard 
tests on open relays were performed all within the same time period by a 
black list maintainer. All of which failed because we have relaying fully 
closed.

Personally, I see these bounced messages coming to us as a part of their 
tests as being spam when I see no relevance or purpose to their tests. I 
can't imagine that less than 99% of mail servers out there that have 
postmaster addresses properly configured wouldn't have the same results.

I'm not trying to be argumentative with you --- just trying to figure out 
what the intent of the test really is.

At 12:12 PM 8/16/02, Nick Simicich wrote:
>Sounds like a plain old relay test - if they can force mail through your 
>system and have it delivered to a third party, you are an open 
>relay.  There were some servers at some level that would take mail with a 
>local postmaster origin by IP address and forward it.  The spammers 
>learned this, and started using it.  Current software has this hole closed.
>
>Whether this was done by a spammer looking for a relay, or because a 
>spammer had found one and was exploiting it, and your address had been 
>reported as an open relay, and the people at, say, ordb were testing 
>before they listed you is almost irrelevant.
>
>The point is that no matter what a third party asserts regarding origin 
>address or destination, you should not relay mail from one third party to 
>another.  Your willingness to relay mail should be based on a stronger 
>identification than simply asserting an RFC821 origin.
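
Added example, not part of the original thread and not any mail server's actual code: a relay decision that trusts the asserted RFC821 origin, next to one that relies on the connecting IP or authentication, checked against constructed probe sessions of the kind a relay tester sends. The domain, address literal, networks and function names are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Assumed local identities: a hosted domain and the server's own address literal.
LOCAL_DOMAINS = {"example.net", "[192.0.2.25]"}
# Assumed networks allowed to submit outbound mail without authenticating.
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]

@dataclass
class Session:
    client_ip: str       # address of the connecting host (hard to forge)
    authenticated: bool  # True if the client passed SMTP AUTH
    mail_from: str       # asserted envelope sender (trivially forged)
    rcpt_to: str         # envelope recipient

def domain(addr: str) -> str:
    """Return the part after the last '@', lowercased."""
    return addr.strip("<>").rpartition("@")[2].lower()

def weak_policy(s: Session) -> bool:
    """Accepts if the recipient OR the asserted sender looks local."""
    return domain(s.rcpt_to) in LOCAL_DOMAINS or domain(s.mail_from) in LOCAL_DOMAINS

def strict_policy(s: Session) -> bool:
    """Accepts local delivery; relays only for trusted IPs or authenticated clients."""
    if domain(s.rcpt_to) in LOCAL_DOMAINS:
        return True  # final delivery to our own users is not relaying
    ip = ipaddress.ip_address(s.client_ip)
    return s.authenticated or any(ip in net for net in TRUSTED_NETS)

# Constructed probes: unauthenticated outside host, third-party recipients.
PROBES = [
    Session("203.0.113.7", False, "postmaster@[192.0.2.25]", "a@example.org"),
    Session("203.0.113.7", False, "user@example.net", "b@example.org"),
    Session("203.0.113.7", False, "x@example.org", "c@example.org"),
]

def open_relay_findings(policy) -> list:
    """Return the asserted senders for which the policy would relay a probe."""
    return [p.mail_from for p in PROBES if policy(p)]

if __name__ == "__main__":
    print("weak policy relays for:  ", open_relay_findings(weak_policy))
    print("strict policy relays for:", open_relay_findings(strict_policy))
```

Under the strict policy every probe is refused at RCPT time, so the tester sees a rejection rather than a relayed message.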



