config is set to no relay/smtp auth. will pass most relay tests, however
there is apparently a way around this as server is being used to relay spam
(logs, headers below). solutions?
Example Header (nice declude notes it was checked for spam heh):
> Return-Path: [EMAIL PROTECTED]
> Delivery-Date: Sat Mar 27 19:45:16 2004
> Return-Path: <[EMAIL PROTECTED]>
> Received: from lilpods.com (lilpods.com [206.63.224.95])
> by connactivity.connactivity.com (8.12.10/8.12.10) with ESMTP id
> i2S0jF0S052359
> for <[EMAIL PROTECTED]>; Sat, 27 Mar 2004 19:45:16 -0500
> (EST)
> Received: from bluish [80.143.85.221] by lilpods.com with ESMTP
> (SMTPD32-8.05) id A005233800B8; Sat, 27 Mar 2004 16:44:53 -0800
> From: "Jessie Jinbachian"<[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: CIA-L1S & LEV-ITRA : E_n1arge Your P^e^n^1^s in I Week!
> Mime-Version: 1.0
> Content-Type: text/html; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> Message-Id: <[EMAIL PROTECTED]>
> X-Declude-Spoolname: D2005233800b887d7.SMD
> X-Note: This E-mail was scanned for spam.
> Date: Sat, 27 Mar 2004 16:45:16 -0800
Logs start here (one batch - all same smtp id):
03:27 14:25 SMTPD(233800B8) [206.63.224.95] connect 80.143.85.221 port 2355
03:27 14:25 SMTPD(233800B8) [80.143.85.221] EHLO bluish
03:27 14:25 SMTPD(233800B8) [80.143.85.221] MAIL FROM:
<[EMAIL PROTECTED]>
03:27 14:25 SMTPD(233800B8) [80.143.85.221] RCPT TO:<[EMAIL PROTECTED]>
03:27 14:25 SMTPD(233800B8) [80.143.85.221]
c:\IMail\spool\Dff65233800b816a8.SMD 1102
03:27 14:25 SMTPD(233800B8) [80.143.85.221] MAIL FROM:
<[EMAIL PROTECTED]>
03:27 14:25 SMTPD(233800B8) [80.143.85.221] RCPT
TO:<[EMAIL PROTECTED]>
03:27 14:25 SMTPD(233800B8) [80.143.85.221]
c:\IMail\spool\Dff6e233800b83c70.SMD 1092
03:27 14:26 SMTPD(233800B8) [80.143.85.221] MAIL FROM:
<[EMAIL PROTECTED]>
03:27 14:26 SMTPD(233800B8) [80.143.85.221] RCPT TO:<[EMAIL PROTECTED]>
03:27 14:26 SMTPD(233800B8) [80.143.85.221]
c:\IMail\spool\Dff7e233800b87ae0.SMD 1111
<snip 30 min of spam logs>
Ends here:
03:27 16:53 SMTPD(233800B8) [80.143.85.221] RCPT TO:<[EMAIL PROTECTED]>
03:27 16:53 SMTPD(233800B8) [80.143.85.221]
c:\IMail\spool\D21f9233800b82b87.SMD 1147
03:27 16:53 SMTPD(233800B8) [80.143.85.221] MAIL FROM:
<[EMAIL PROTECTED]>
03:27 16:53 SMTPD(233800B8) [80.143.85.221] RCPT TO:<[EMAIL PROTECTED]>
03:27 16:53 SMTPD(233800B8) [80.143.85.221]
c:\IMail\spool\D2204233800b85566.SMD 956
03:27 16:53 SMTPD(233800B8) [80.143.85.221] MAIL FROM:
<[EMAIL PROTECTED]>
03:27 16:53 SMTPD(233800B8) [80.143.85.221] RCPT TO:<[EMAIL PROTECTED]>
03:27 17:15 SMTPD(233800B8) idle timeout
Spam tests:
RELAY Test for mail.lilpods.com
220 lilpods.com (IMail 8.05 596450-78) NT-ESMTP Server X1
HELO trusontechnologies.com
250 hello lilpods.com
Relay test 1
MAIL FROM:([EMAIL PROTECTED])
250 ok
RCPT TO:([EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 2
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED]@trusontechnologies.com)
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 3
MAIL FROM:()
250 ok
RCPT TO:([EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 4
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 5
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 6
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:("[EMAIL PROTECTED]")
550 not local host trusontechnologies.com", not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 7
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:("nobody%trusontechnologies.com")
550 not local host trusontechnologies.com", not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 8
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED]@mail.lilpods.com)
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 9
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:("[EMAIL PROTECTED]"@mail.lilpods.com)
550 not local host trusontechnologies.com", not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 10
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED]@mail.lilpods.com)
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 11
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:(@mail.lilpods.com:[EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 12
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:(mail.lilpods.com:[EMAIL PROTECTED])
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Relay test 13
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:(trusontechnologies.com!nobody)
550 unknown user (Passed Test)
RSET
250 ok its reset
Relay test 14
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED])
550 unknown user (Passed Test)
RSET
250 ok its reset
Relay test 15
MAIL FROM:([EMAIL PROTECTED]@mail.lilpods.com)
250 ok
RCPT TO:([EMAIL PROTECTED]@mail.lilpods.com)
550 not local host trusontechnologies.com, not a gateway (Passed Test)
RSET
250 ok its reset
Congratulations! You have passed ALL Spamming tests.
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
