-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So it turns out that I did not read carefully the relevant page, or misunderstood part of it (hum, I would not have called that input ip, but in some way it makes sense).
So I deactivated the multihop list. A shame because it was an interesting one. But anyway, the single hop list caught a lot of spam already, and that should help us avoiding mess like the other day. Regards, mercredi 8 juin, vers 11h, Alexey Lobanov dactylographia : > Hello. > > Mathieu Roy wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Hello people at DSBL, > > > > There's a record where I suspect the "trusted user" (IP: > > 82.238.216.148) register smtps of it's own ISP, which is quite > > annoying. > > Unfortunately, this machine 82.238.216.148 is really vulnerable and > really compromises your mail system just now. The practical proposal > is to insulate 82.238.216.148 from your mailservers as soon as > possible. > > A fresh test from Russia to Russia through > 82.238.216.148-213.228.0.176 chain: > > Return-Path: <> Received: from postfix4-2.free.fr > (postfix4-2.free.fr [213.228.0.176]) by secadm.wplus.net (Postfix) > with ESMTP id 3285171892 for <[EMAIL PROTECTED]>; Wed, 8 Jun > 2005 13:55:52 +0400 (MSD) Received: from Controleur-01.GS2i.fr > (nor75-3-82-226-121-190.fbx.proxad.net [82.226.121.190]) by > postfix4-2.free.fr (Postfix) with ESMTP id C639231DA82 for > <[EMAIL PROTECTED]>; Wed, 8 Jun 2005 11:55:51 +0200 (CEST) > Received: from secadm.wplus.net ([195.131.4.141]) by > Controleur-01.GS2i.fr with Microsoft SMTPSVC(6.0.3790.0); Wed, 8 Jun > 2005 11:54:57 +0200 Message-ID: > <[EMAIL PROTECTED]> Date: Wed, 8 Jun > 2005 09:54:50 +0000 To: <[EMAIL PROTECTED]> Subject: Open Relay > Test Message From: <> X-OriginalArrivalTime: 08 Jun 2005 > 09:54:57.0093 (UTC) FILETIME=[20871F50:01C56C10] > > MAIL FROM:<> > RCPT TO:<[EMAIL PROTECTED]> > > Best, > Alexey > > > > > The ISP is Free.fr/Proxad. > > > > Example: <http://dsbl.org/message?27060329>, the input IP is > > 82.238.216.148 (yes, I read the FAQ entry regarding this kind of > > problem, and I do not think that's a matter of missing headers), > > and this belong to Free.fr/Proxad... as well as the listed SMTP > > (213.228.0.176 = postfix4-2.free.fr). > > > > > > The following tend to confirm that 82.238.216.148 is really a > > Free.fr/Proxad.net customer: > > <http://openrbl.org/ip/82/238/216/148.whois.htm> > > > > > > Regards, > > > > - -- > > Mathieu Roy > > > > + > > > Thalie : <http://yeupou.coleumes.org/> > > > Clio : <http://clio.coleumes.org/> > > > Uranie : <http://alberich.coleumes.org/> > > > Euterpe : <http://kromaniaks.coleumes.org/> > > +-----------------------------------------------------------+ > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.1 (GNU/Linux) > > > > iD8DBQFCpr0KNl9/9y2hmbkRAhIeAJ4+aPGhajyf+LWrFdofgHc7cIU6IwCgigzh > > Z3d2VIPJrr/XvXwhB2J0Szc= > > =7qRv > > -----END PGP SIGNATURE----- - -- Mathieu Roy +---------------------------------------------------------------------+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +---------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCpsM+Nl9/9y2hmbkRAnFBAJ9jYCcczaMoQtP99Yg89gleOf6PCACeNDBf uBs6gQRv4Rtc7bXmHVmn15M= =bjr1 -----END PGP SIGNATURE-----
