Sounds like a plain old relay test - if they can force mail through your system and have it delivered to a third party, you are an open relay. There were some servers at some level that would take mail with a local postmaster origin by IP address and forward it. The spammers learned this, and started using it. Current software has this hole closed.
Whether this was done by a spammer looking for a relay, or because a spammer had found one and was exploiting it, and your address had been reported as an open relay, and the people at, say, ordb were testing before they listed you is almost irrelevant.. The point is that no matter what a third party asserts regarding origin address or destination, you should not relay mail from one third party to another. Your willingness to relay mail should be based on a stronger identification than simply asserting an RFC821 origin. At 03:57 AM 2002-08-16 -0400, Sharon Tucci wrote: >We received on a few of our servers bounces to postmaster@[ip]. Someone >from a pacbell.net IP 63.203.10.230 faked our postmaster@hostname to send >email to a few (apparently fake) addresses at different blacklists. >Obviously, the emails bounced back to our postmaster address. > >Anyone have any clue about what this test is supposed to accomplish? -- "Life does not cease to be funny when people die, any more than it ceases to be serious when they laugh." -- George Bernard Shaw. Nick Simicich - [EMAIL PROTECTED]
