Re: [courier-users] Courier configuration - Connection refused
on 6/14/02 11:26 AM, Antoine CavaliƩ at [EMAIL PROTECTED] hammered some keys to produce: Hi I don't know why, but courier seems not want to send mails neither to @caramail.com nor to @hotmail.com Jun 14 17:19:53 logs courieresmtp: id=00026BAF.3D086F8A.7628,from=[EMAIL PROTECTED],addr=myrealaccount@cara mail.com: Connection refused Jun 14 17:19:53 logs courieresmtp: id=00026BAF.3D086F8A.7628,from=[EMAIL PROTECTED],addr=myrealaccount@cara mail.com,status: deferred thank you for your help :) It isn't Courier but the remote server which is refusing the connection. This probably means that the remote is throttling connections. I see this a lot with hotmail when my mailing list tries to send messages. Basically hotmail will only accept a small number of messages from the same IP within a certain period (for spam protection, I guess). After 15 minutes or so the my mail queue will try again and succeed in getting a few more messages sent. The message in you log says that the message was deferred, and that it will try again later. Does it get sent eventually or does it bounce? -- Tim Hosking ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] delivery failures
I've seen this as well, but I think it's actually a measure taken by Hotmail to deter spammers by throttling the number of messages received from a single IP to a couple every ten minutes. I run a mailing list on which about 30 people have Hotmail accounts, and it can take upwards of two hours to deliver to these account. It does always succeed eventually though. If I am right then a spammer with a mailing list of say 10 Hotmail addresses could take weeks to deliver, by which time the offender could be tracked and cut off. Just a theory. -- Tim Hosking - Original Message - From: MH - Entwicklung [EMAIL PROTECTED] To: Michael Carmack [EMAIL PROTECTED]; Saxon Jones [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, April 25, 2002 2:57 AM Subject: Re: [courier-users] delivery failures Well, it's a pity that Hotmail doesn't fix this. But I have recognized that these are just temporary errors. After several delivery attempts the mail goes through. Regards Manfred - Original Message - From: Michael Carmack [EMAIL PROTECTED] To: Saxon Jones [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, April 25, 2002 8:14 AM Subject: Re: [courier-users] delivery failures On Wed, Apr 24, 2002 at 10:29:40PM -0600, Saxon Jones wrote: I notice that when people are relaying SMTP through my Courier server here, we get a fair number of bounces such as: [EMAIL PROTECTED]: mx15.hotmail.com [65.54.232.71]: RSET 554 Transaction failed This happens to a lot of people. Seems to be a problem with Hotmail. [EMAIL PROTECTED]: Connection refused Don't know about this one. m. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Case Sensitivity Email Address
on 18/4/02 2:17 pm, Tony Carter at [EMAIL PROTECTED] wrote: man -M /usr/lib/courier/man courier locallowercase If this file exists, Courier will not distinguish being lowercase and uppercase local accounts, so that [EMAIL PROTECTED] and [EMAIL PROTECTED] will refer to the same local mailbox (where example.com is your domain). Postmaster, postmaster, and POSTMASTER always refer to the same account, even if locallowercase does not exist. -Tony The important point to note here, is that if locallowercase does exist, then user accounts must have all-lowercase account names. Any account with an uppercase character in the account name will be unable to receive mail. I actually consider this a feature and have used it to create mail-less accounts. -- Tim Hosking How do you know when it's time to tune your bagpipes? ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] HELP - couriermlm subscriber list
Hello. Is there an easy way to get a list of current subscribers to a mailing list. Suppose I am running a list [EMAIL PROTECTED], then the following command: /usr/lib/courier/bin/couriermlm export junklist Seems to give me a partial list of subscribers interspersed with a number of subscription messages. All I need is a simple list of every subscriber, as I cam currently trying to manually add subscribers from a large list of people who may or may not be already subscribed, and who cannot follow simple instructions for subscribing themselves. What am I missing? -- Tim Hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] HELP - couriermlm subscriber list
on 4/11/02 12:14 PM, Tim Hosking at [EMAIL PROTECTED] wrote: Hello. Is there an easy way to get a list of current subscribers to a mailing list. Suppose I am running a list [EMAIL PROTECTED], then the following command: /usr/lib/courier/bin/couriermlm export junklist Seems to give me a partial list of subscribers interspersed with a number of subscription messages. All I need is a simple list of every subscriber, as I cam currently trying to manually add subscribers from a large list of people who may or may not be already subscribed, and who cannot follow simple instructions for subscribing themselves. What am I missing? Never mind I just found out for myself. For the record the command is: /usr/lib/courier/bin/couriermlm lsub junklist I'll shut up now. -- Tim Hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Another couriermlm question
Has anyone ever managed to provide a decent web interface to a mailing list managed by couriermlm? I'm sure there must be at least one out there and I am keen not to reinvent the wheel. If the interface made the archive searchable that would be even cooler. TIA -- Tim Hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] INBOX
on 4/7/02 9:30 AM, Thomas Beer at [EMAIL PROTECTED] wrote: Hi, just a newbie question. Can someone give me an ls -la output of a maildir structure? Should it be maildirmake INBOX or Inbox or Maildir/Inbox ...? Thanks Tom maildirmake Maildir -- Tim Hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] ADV: Harvest lots of Email addresses quickly
H. Methinks this guy just spammed the wrong mailing list. Who wants to let the dogs out? -- Tim hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DNS lookup Failure on 0.35.1
on 4/4/02 11:38 AM, Thierry DELHAISE at [EMAIL PROTECTED] wrote: Hi all, We used since now ten month Courier on a Solaris 8 system (release 0.35.1). All run fine since because we only use courier to send out message to recipient. Recently, we would like to use it to receive message from outside. And we discover it don't accept to receive mail if in the from field of the message, the domain part of the sender's adresse can't be resolve on the DNS. Below a dump of log : Apr 4 17:58:36 S0003010 courieresmtpd: [ID 702911 mail.error] error,relay=10.0.161.19,from=[EMAIL PROTECTED]: 417 DNS lookup failure: free.fr. Try again later. The server we have act as a mailhub from a subdomain. It's configured to resolve on DNS to send and if it can't, to relay to the main mailhub in front of us. Does it is normal, and could we bypass this problem. I hope so, may be it's a configuration mistake of us ? Does anyone have an idea ? Thanks in advance for your help Thierry DELHAISE I'm not sure, but I think Sam fixed this problem in 0.36.something -- Tim Hosking ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Incoming mail filtering/blacklisting problem
Title: Re: [courier-users] Incoming mail filtering/blacklisting problem on 3/29/02 2:32 PM, Dusan Vujosevic at [EMAIL PROTECTED] wrote: Hi, I have courier 0.37.3.20020317 running and I can't get ORDB (ordb.org) black list to work. I am using webmin to configure it. I fixed the typo in the address (it was 'relays.orbb.org') but it didn't help. I keep sending the test e-mail to [EMAIL PROTECTED] mailto:tonbsp;[EMAIL PROTECTED] and it keeps coming back saying that I'm not using the their list. Does anyone have any ideas? TIA, Dusan P.S. I can't build 0.38.0 (cp: cannot create regular file 'module.esmtp': Permission denied). Also, is there a nice way to turn off those thread debug messages in the maillog (Waiting. shutdown time= )? Let me know if you have any luck with this as its been bugging me too! -- Tim Hosking
[courier-users] FEATURE REQUEST. Damned bad MIME revisited
Sam. I know this is perhaps the most irritating topic for you, and the changes you have made to please everyone regarding the handling of bad MIME headers have gone a long way towards banishing the problem. I do however have one hopefully small request. When Courier accepts bad messages (opt BOFHBADMIME=accept) could you add a header before passing it to maildrop to indicate that the message is badly formed? This way we can easily filter such messages into a quarantine folder or something like that. If it's too much of a pain then it doesn't matter, it just seems like it would be a nice touch. ttfn -- Tim Hosking Who says nothing is impossible? I've been doing nothing for years. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] FEATURE REQUEST. Damned bad MIME revisited
on 9/3/02 12:56 pm, Sam Varshavchik at [EMAIL PROTECTED] wrote: On Sat, Mar 09, 2002 at 11:48:54AM -0500, Tim Hosking wrote: I do however have one hopefully small request. When Courier accepts bad messages (opt BOFHBADMIME=accept) could you add a header before passing it to maildrop to indicate that the message is badly formed? This way we can easily filter such messages into a quarantine folder or something like that. I could add a header to wrapped messages rather easily. Then, you can key off that, and fetch the sole MIME attachment. Sounds good. I have never tried it but I suppose it is not too difficult to unwrap the attachment in a filter and deliver that instead of the wrapped message? Or is it? -- Tim Hosking Why do tourists go to the top of tall buildings and then put money in telescopes so they can see things on the ground in close-up? ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] No user generates a new user ...
on 28/2/02 2:19 pm, Christoph Puppe at [EMAIL PROTECTED] wrote: Salve all, I'm looking for a way to generate new virtual users, when a mail to a nonexistent one arrives. I've thought about global filters, which are very expensive, so they aren't the way to go. If there is another way, that is. Tweaking postmaster to a script that takes the mails, checks if it is a user unknown and then generates the maildir and sets up the user was an idea as well. Any good ideas to do this out there? This seems like a bad idea (I could spam your server and create 1000 new accounts just for the hell of it). How about scaling it down a bit and having such mail delivered to a single nominated account with a custom filter installed. When mail arrives for an address that has not been seen before then create a new sub-folder in the maildir and deliver to that. I suppose you could always add a cron job which searched that user's maildir for such folders and created the new accounts. For that matter this approach would not require the sub-folders - reformail could easily extract the destination email address from any messages it found in the nominated maildir. -- Tim Hosking Trans corpus meum mortuum. - Over my dead body. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] 550 unknown user
on 20/2/02 9:22 pm, Jeremy J Graveline at [EMAIL PROTECTED] wrote: When I send mail to [EMAIL PROTECTED] I get the message 550 Unknown user. 'jjgraveline' is a local user on my machine which is 'DNab4293ec.Stanford.EDU'. The folder /home/jjgraveline/Maildir is set up correctly. The 'locals' file contains DNab4293ec.Stanford.EDU dnab4293ec.stanford.edu localhost esmptacceptmailfor contains the same entries. What am I missing? Are all message to [EMAIL PROTECTED] rejected in this way or just some? It's just a thought but mail to [EMAIL PROTECTED] would be rejected with this error unless you have a file called locallowercase in courier/etc. -- Tim Hosking Other than that, Mrs. Lincoln, how did you like the show? ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Webadmin Pasword Does Not Work
Title: Re: [courier-users] Webadmin Pasword Does Not Work on 21/2/02 2:35 pm, M.B. at [EMAIL PROTECTED] wrote: When I change the permissions to 700 I get ERROR: Invalid password [root@OldPeculier root]# ls -l /usr/lib/courier/etc/webadmin/password -r 1 courier courier 9 Nov 16 16:51 /usr/lib/courier/etc/webadmin/password hth -- Tim Hosking Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark to read. - Groucho Marx
Re: [courier-users] mail filter implementation
on 7/2/02 2:15 pm, [EMAIL PROTECTED] at [EMAIL PROTECTED] wrote: Lets try again :-)) Is it allowed to implement a GLOBAL MAILFILTER which is MODIFYING the message it is processing? Yes. Check out SpamMaildropFilter http://sourceforge.net/projects/mdropspamfilter/ It does exactly what you are asking. -- Tim Hosking Sooner or later, EVERYONE stops smoking. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Dropping mail
on 6/2/02 6:20 pm, Sam Varshavchik at [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] writes: Hi Is there any way to make courier drop incoming mail (from a specific email address) without returning an error message to the sender. No. Delivering it to /dev/null from a filter doesn't work? -- Tim Hosking I'm desperately trying to figure out why kamikaze pilots wore helmets. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mail filter implementation
on 7/2/02 1:22 pm, [EMAIL PROTECTED] at [EMAIL PROTECTED] wrote: Hi! A question: Is it allowed to implement a mail filter which is _modifying_ the processed message and/or control file? For example by adding and X-foo: blahblah header, or deleting some attachments? ps : please CC to me too. Dobos Sandor IBCnet Hungary Ltd. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users Check out 'man maildropex' and 'man reformail'. Reformail is totally cool. -- Tim Hosking Quando Omni Flunkus Moritati - When all else fails, play dead. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] FW: Re: 8-bit content, no mime revisited
on 5/2/02 1:12 pm, Walter Taucher at [EMAIL PROTECTED] wrote: We are getting mail rejected as well. The interesting note here is that in our test with one client using Eudora 5.1, if the sender removes the automatic signature at the Bottom of the message, the message goes thru, replace the signature, and the MIME Error returns. And what can our clients that are using products that send Courier incompatible RFC headers like Ebay or Microsoft folks do?: And They are able to communicate to everyone else but us, do we really believe they will change the way they behave just for our sake? A little flexibility is needed here. I know there is an Aesop Fable in there somewhere.. After the trouble Sam has gone to to appease everyone on this issue, I feel almost reluctant to make another suggestion, but here goes: How about adding another option to add an additional header to flag badly formed messages? For example, Option 1. Bounce the email as it did originally. Option 2. Deliver the message as an attachment. Option 3. Deliver the message as is, but with an additional header inserted. E.g. X-BadMimeHeaders: additional info such as offset of first bad byte This would enable people to filter badly formed messages according to their taste (burn it, drop it in the quarantine folder, reformail it or whatever). The reason I suggest this is that I frequently receive mail from a couple of mailing lists which don't comply with rfc2045, only in reality, receiving these messages is benign and my mail client copes just fine. My existing filters would simply deliver these messages where I wanted them. All I would have to do is add a final filter to handle bad MIME messages from unknown sources. This also unloads the burden of how to deal with the crap away from Sam. What do you think? -- Tim Hosking It might look like I'm doing nothing, but at the cellular level I'm really quite busy. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] FW: Re: 8-bit content, no mime revisited
on 5/2/02 2:05 pm, Sysop at [EMAIL PROTECTED] wrote: Tim Hosking wrote: on 5/2/02 1:12 pm, Walter Taucher at [EMAIL PROTECTED] wrote: We are getting mail rejected as well. The interesting note here is that in our test with one client using Eudora 5.1, if the sender removes the automatic signature at the Bottom of the message, the message goes thru, replace the signature, and the MIME Error returns. And what can our clients that are using products that send Courier incompatible RFC headers like Ebay or Microsoft folks do?: And They are able to communicate to everyone else but us, do we really believe they will change the way they behave just for our sake? A little flexibility is needed here. I know there is an Aesop Fable in there somewhere.. After the trouble Sam has gone to to appease everyone on this issue, I feel almost reluctant to make another suggestion, but here goes: How about adding another option to add an additional header to flag badly formed messages? For example, Option 1. Bounce the email as it did originally. Option 2. Deliver the message as an attachment. Option 3. Deliver the message as is, but with an additional header inserted. E.g. X-BadMimeHeaders: additional info such as offset of first bad byte This would enable people to filter badly formed messages according to their taste (burn it, drop it in the quarantine folder, reformail it or whatever). The reason I suggest this is that I frequently receive mail from a couple of mailing lists which don't comply with rfc2045, only in reality, receiving these messages is benign and my mail client copes just fine. My existing filters would simply deliver these messages where I wanted them. All I would have to do is add a final filter to handle bad MIME messages from unknown sources. This also unloads the burden of how to deal with the crap away from Sam. What do you think? Have you guys even LOOKED at the new version? You have EXACTLY that option, based off the bofh file. Check the documentation people. Extremely helpful. Thank you. I am running courier-0.37.0.20020112 which cannot be considered old by any standards. If you mean by checking the documentation I should type 'man courier' and searching for 'bofh' I have done exactly that, and also checked the latest docs on the web. Guess what. It doesn't mention adding additional headers or anything remotely related to rfc2045. It does basically tell me various interesting reasons for which I can reject mail, however, none of that seemed relevant to my suggestion. Maybe if you refrained from shouting and perhaps gave us a little insight into the documentation (and version of Courier) to which you are referring we could put this thread to bed once and for all. I for one am getting bored with it. I may be being dumb here, but my feeling is that you have not read and understood the question and suggestion as fully as you obviously have the documentation. If this is the case then I am a fool and I apologise. -- Tim Hosking For every action, there is an equal and opposite criticism. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] I.P. based (virtual) multiple Domains ...
on 24/1/02 4:34 pm, Sysop at [EMAIL PROTECTED] wrote: some stuff Hey Sysop! Did you know that, Patrick Walsh's mdropspamfilter found at http://sourceforge.net/projects/mdropspamfilter/ systematically rejects all your postings as potential spam? :) Apparently they are missing the 'To:' header. Just thought I'd let you know. ttfn -- Tim Hosking Never knock on Death's door: Ring the doorbell and run (he hates that). ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] How the hell was this spam delivered?
Hi. I just received a spam email from homelenders.com. Here are the headers: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp1.vol.cz (smtp1.vol.cz [195.250.128.73]) (TLS: TLSv1/SSLv3,168bits,DES-CBC3-SHA) by OldPeculier with esmtp; Wed, 26 Dec 2001 22:32:11 -0500 Received: from smtp2.vol.cz (smtp2.vol.cz [195.250.128.42]) by smtp1.vol.cz (8.11.6/8.11.3) with ESMTP id fBR3cjB89493; Thu, 27 Dec 2001 04:38:45 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Received: from homelenders.com (datelb-1-2-18.dialup.vol.cz [212.20.100.20]) by smtp2.vol.cz (8.11.3/8.11.3) with SMTP id fBR3bkw12060; Thu, 27 Dec 2001 04:37:51 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Date: Thu, 27 Dec 2001 04:37:51 +0100 (CET) Message-Id: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: hassle-free home loans And here are the related lines from my maillog (sorry about the wrapping): Dec 26 22:32:09 OldPeculier courieresmtpd: started,ip=[195.250.128.73] Dec 26 22:32:14 OldPeculier courierd: newmsg,id=AD58.3C2A963C.1851 Dec 26 22:32:14 OldPeculier courierd: started,id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],module= local,host=tim!!20008!20008!/home/tim!!,addr=tim Dec 26 22:32:14 OldPeculier courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Dec 26 22:32:14 OldPeculier courierlocal: id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],addr=tim@trhos king.com,size=16516,success: Message delivered. Dec 26 22:32:15 OldPeculier courierd: completed,id=AD58.3C2A963C.1851 Dec 26 22:32:15 OldPeculier courierd: Waiting. shutdown time=Wed Dec 26 23:18:21 2001, wakeup time=Wed Dec 26 23:18:21 2001, queuedelivering=0, inprogress=0 How on earth did this message get accepted and delivered to a local account? I am running courier-0.36.1. -- Tim Hosking All I ask for is the opportunity to prove that money doesn't buy happiness. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How the hell was this spam delivered?
on 27/12/01 12:39 pm, Sysop at [EMAIL PROTECTED] wrote: Look at the TO: field in the header. That address has nothing to do with my server. I do not host homelenders.com and I have no user called loanrep. I do not accept mail addressed to non-existent users. How did you expect it NOT to get delivered? Everything looks cool, do you not accept email from an unknown user or somethign? You can add that persons domain into your bofh file, or just that account, but I fail to see how you expect it NOT to get delivered. Tim Hosking wrote: Hi. I just received a spam email from homelenders.com. Here are the headers: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp1.vol.cz (smtp1.vol.cz [195.250.128.73]) (TLS: TLSv1/SSLv3,168bits,DES-CBC3-SHA) by OldPeculier with esmtp; Wed, 26 Dec 2001 22:32:11 -0500 Received: from smtp2.vol.cz (smtp2.vol.cz [195.250.128.42]) by smtp1.vol.cz (8.11.6/8.11.3) with ESMTP id fBR3cjB89493; Thu, 27 Dec 2001 04:38:45 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Received: from homelenders.com (datelb-1-2-18.dialup.vol.cz [212.20.100.20]) by smtp2.vol.cz (8.11.3/8.11.3) with SMTP id fBR3bkw12060; Thu, 27 Dec 2001 04:37:51 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Date: Thu, 27 Dec 2001 04:37:51 +0100 (CET) Message-Id: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: hassle-free home loans And here are the related lines from my maillog (sorry about the wrapping): Dec 26 22:32:09 OldPeculier courieresmtpd: started,ip=[195.250.128.73] Dec 26 22:32:14 OldPeculier courierd: newmsg,id=AD58.3C2A963C.1851 Dec 26 22:32:14 OldPeculier courierd: started,id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],module= local,host=tim!!20008!20008!/home/tim!!,addr=tim Dec 26 22:32:14 OldPeculier courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Dec 26 22:32:14 OldPeculier courierlocal: id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],addr=tim@trhos king.com,size=16516,success: Message delivered. Dec 26 22:32:15 OldPeculier courierd: completed,id=AD58.3C2A963C.1851 Dec 26 22:32:15 OldPeculier courierd: Waiting. shutdown time=Wed Dec 26 23:18:21 2001, wakeup time=Wed Dec 26 23:18:21 2001, queuedelivering=0, inprogress=0 How on earth did this message get accepted and delivered to a local account? I am running courier-0.36.1. -- Tim Hosking Bother, said Pooh. Eeyore, ready photon torpedoes and lock phasers on the Heffalump. Piglet, meet me in transporter room three. ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How the hell was this spam delivered?
on 27/12/01 12:54 pm, Roland Schneider at [EMAIL PROTECTED] wrote: --Tim Hosking wrote on 27.12.2001 12:21 -0500: I just received a spam email from homelenders.com. Here are the headers: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp1.vol.cz (smtp1.vol.cz [195.250.128.73]) Add orbs.dorkslayers.com to BLACKLISTS and customers of this provider wont bother you again. But send a lart anyway. orbs.dorkslayers.com? Huh? started,id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],module= local,host=tim!!20008!20008!/home/tim!!,addr=tim Dec 26 22:32:14 OldPeculier courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Dec 26 22:32:14 OldPeculier courierlocal: id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],addr=tim@trhos king.com,size=16516,success: Message delivered. [...] How on earth did this message get accepted and delivered to a local account? I am running courier-0.36.1. It was sent to [EMAIL PROTECTED], which seems to be your address... It was sent to [EMAIL PROTECTED] and delivered to [EMAIL PROTECTED] Take a closer look at the headers. -- Tim Hosking Dain bramaged ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How the hell was this spam delivered?
on 27/12/01 1:07 pm, Sysop at [EMAIL PROTECTED] wrote: Actually I don't think they did. Actually I think I am an idiot and did not appreciate exactly how smtp works. I realised this by looking at the message headers for a couple of message received from this mailing list and noticing that the To: field doesn't have my email address in there, but the destination was already negotiated by the smtp HELO handshake. Egg on my face -- Tim Hosking Omelette anyone? THey buried the REAL destination in the headers, and spoofed the To field it looks like. Tim Hosking wrote: on 27/12/01 12:39 pm, Sysop at [EMAIL PROTECTED] wrote: Look at the TO: field in the header. That address has nothing to do with my server. I do not host homelenders.com and I have no user called loanrep. I do not accept mail addressed to non-existent users. How did you expect it NOT to get delivered? Everything looks cool, do you not accept email from an unknown user or somethign? You can add that persons domain into your bofh file, or just that account, but I fail to see how you expect it NOT to get delivered. Tim Hosking wrote: Hi. I just received a spam email from homelenders.com. Here are the headers: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp1.vol.cz (smtp1.vol.cz [195.250.128.73]) (TLS: TLSv1/SSLv3,168bits,DES-CBC3-SHA) by OldPeculier with esmtp; Wed, 26 Dec 2001 22:32:11 -0500 Received: from smtp2.vol.cz (smtp2.vol.cz [195.250.128.42]) by smtp1.vol.cz (8.11.6/8.11.3) with ESMTP id fBR3cjB89493; Thu, 27 Dec 2001 04:38:45 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Received: from homelenders.com (datelb-1-2-18.dialup.vol.cz [212.20.100.20]) by smtp2.vol.cz (8.11.3/8.11.3) with SMTP id fBR3bkw12060; Thu, 27 Dec 2001 04:37:51 +0100 (CET) (envelope-from [EMAIL PROTECTED]) Date: Thu, 27 Dec 2001 04:37:51 +0100 (CET) Message-Id: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: hassle-free home loans And here are the related lines from my maillog (sorry about the wrapping): Dec 26 22:32:09 OldPeculier courieresmtpd: started,ip=[195.250.128.73] Dec 26 22:32:14 OldPeculier courierd: newmsg,id=AD58.3C2A963C.1851 Dec 26 22:32:14 OldPeculier courierd: started,id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],module = local,host=tim!!20008!20008!/home/tim!!,addr=tim Dec 26 22:32:14 OldPeculier courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Dec 26 22:32:14 OldPeculier courierlocal: id=AD58.3C2A963C.1851,from=[EMAIL PROTECTED],addr=tim@trho s king.com,size=16516,success: Message delivered. Dec 26 22:32:15 OldPeculier courierd: completed,id=AD58.3C2A963C.1851 Dec 26 22:32:15 OldPeculier courierd: Waiting. shutdown time=Wed Dec 26 23:18:21 2001, wakeup time=Wed Dec 26 23:18:21 2001, queuedelivering=0, inprogress=0 How on earth did this message get accepted and delivered to a local account? I am running courier-0.36.1. -- Tim Hosking It know it hurts. Maybe not as much as jumping on a bicycle without a seat, but it hurts. - Lt. Frank Drebin, The Naked Gun ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
