Checking that IP at:
http://openrbl.org
Shows that SORBS-HTTP is listing that last hop, which looks like Verizon
Wireless. It's been all too common for ip4r lists to nominate smtp and
webmail based servers due to spam or worse, viruses being sent through them
by infected clients.
CBL has also
SPF does not prevent SPAM, only spoofing - which in turn can reduce
spam. I don't even run the SPFPASS test because I think its quite
pointless. If I receive an SPFFAIL on the other hand I block the email
straight away - don't even bother weighting it.
If a spammer adds SPF to their own domain,
Warning for anyone using BlackIce.
We were hit by a destructive worm.
http://www.washingtonpost.com/wp-dyn/articles/A11310-2004Mar20.html
Destroyed most of our servers.
We are in the process of recovering from backups.
Fred
---
[This E-mail was scanned for viruses by Declude Virus
Thanks for the heads up on this. Unless you have updated your BlackICE in
the last week you are at risk.
http://xforce.iss.net/xforce/alerts/id/166
http://www.eeye.com/html/Research/Advisories/AD20040318.html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
We had a single Colo'd server fall ill to this vulnerability on Friday
night. It wasn't a pretty sight to say the least.
Jason
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Wiegers
Sent: Sunday, March 21, 2004 6:51 PM
To: [EMAIL PROTECTED]
The HELO is often passed intact from the client to the destination.
That is not true.
The only reason that checks like HELOBOGUS (and equivalent checks in
other anti-spam packages) can be conducted against unauthenticated
sessions is that malware and crooked MTAs often do not obey SMTP