>I just got back in to find a totally overloaded mail server, we are
>being attacked by a SPAM house
Was your mail server an open relay?
That ip address is not in MAPS or ORBS, and has not reverse PTR
record, somewhere in Asia-Pacific:
# dig -x 61.139.117.129
; <<>> DiG 8.2 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; 129.117.139.61.in-addr.arpa, type = ANY, class = IN
;; AUTHORITY SECTION:
139.61.IN-ADDR.ARPA. 4D IN SOA nevyn.apnic.net.
please-read-TXT-record-of-this-zone-before-emailing-dns-admin.apnic.net. (
1999020201 ; serial
1D ; refresh
2H ; retry
4w2d ; expiry
4D ) ; minimum
If you have been doing host DNS verifications on the MAIL FROM: <
@senderdomain>, you would have been saved, no A record, no MX record:
# dig asga.com a
; <<>> DiG 8.2 <<>> asga.com a
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; asga.com, type = A, class = IN
# dig asga.com mx
; <<>> DiG 8.2 <<>> asga.com mx
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; asga.com, type = MX, class = IN
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
========================================================================
This list server is Powered by iMS
'The Swiss Army Knife of Mail Servers'
--------------------------------------
To leave this list please complete the form at
http://www.CoolFusion.com/iMS.htm
List archives: http://www.mail-archive.com/infusion-email%40eoscape.com/
========================================================================
