On 08/13/02 at 15:57, Jody Bouvier (CajunNet) wrote:
> I am running SIMS 1.7 on a G3/266. The system has been working
> flawlessly for the past couple of years. Only have to restart about
> once every 2 months. Currently have over 250 user accounts. I have
> been using all anti-spam options such as Client Hosts, Relay for
> Clients Only, Verify Return Paths, Black Listed, and Use Blacklist
> DNS Server:
You should upgrade SIMS to at least 1.8b8, if not 1.8b9d14 (both are
available via ftp from ftp.stalker.com). The 1.8 betas have some
significant improvements in the anti-spam features. In fact, the 'percent
hack' that AOL got you with may have been only been closed in one of the
1.8 betas. I don't remember exactly when that vulnerability was fixed, so
it may well have been still present in 1.7, as the AOL test implies.
Don't worry about stability in running a 'beta' version of SIMS -- many of
us have been running 1.8b8 for over two years and found it to be rock
solid, 1.8b9d14 seems to be just as solid. [My SIMS box generally goes far
longer than two months between reboots.]
> I received the following e-mail message on the Postmaster account.
>
>
---------------------------------------------------------------------------
--
> This is a warning message.
> You are receiving this message because this, or one of your mail
> relays (see below for details) is open to third party (free) relaying
> and has been abused to send unsolicited bulk email (spam) to America
> Online, Inc.'s email system.
>
> Below, you will see output from our database indicating which tests
> we performed on your system, and the time at which the last test was
> performed.
>
> For example, if you see:
>
> mail from:<[EMAIL PROTECTED]>
> rcpt to:<[EMAIL PROTECTED]>
>
> it means we were able to send a piece of email with a "from" address
> of "[EMAIL PROTECTED]" through your system, back to the
> email account "[EMAIL PROTECTED]". (The email address
> "[EMAIL PROTECTED]" doesn't exist -- it's greater than 16
> characters -- but the fact that your system tried to deliver to that
> address indicates that your server is available for free relaying.
> We encourage you to use this email address as a test... you will
> receive undeliverable email back from AOL's Mailer-Daemon if you are
> open to free relaying.)
>
> Here's your server data:
> Date: Tue Aug 12 10:09:00 2002
> mail from: <[EMAIL PROTECTED]>
> rcpt to: <CloseYourOpenRelay%aol.com@yourhostname>
> You will receive a series of warning messages. If this is your first
> warning message, you have 5 business days from the date AOL sent the
> message to address the above security issues before you server may be
> blocked from sending mail to the AOL member base. If your server is
> intentionally open and you wish it never to be tested again, please
> send an email to [EMAIL PROTECTED] with the subject line "forever
> open, don't test" and your IP address(es) in the body of the email.
> AOL will then put your IP(s) into the Forever Open Don't Test list.
> *** Please keep in mind that if you do this, your server will be
> blocked and will REMAIN blocked until you send an email to
> [EMAIL PROTECTED] and ask AOL to start testing your server again. ***
>
---------------------------------------------------------------------------
>
> I tested and verified the following:
> 1. I can relay messages from TCP/IP addresses listed in the Client
> Hosts.
> 2. I cannot relay messages from TCP/IP addresses not listed in the
> Client Hosts.
> 3. I can connect to the POP host (check mail now) and immediately
> send the relay message from a TCP/IP address not listed in the Client
> Hosts.
>
> I followed the AOL instructions and tried sending a message (using
> send mail now and not check mail now) from a dial-up account using
> their e-mail server and a TCP/IP address not listed in the Client
> Hosts and it went through.
>
> Any info would be greatly appreciated.
--
Christopher Bort | [EMAIL PROTECTED]
Webmaster, Global Homes | [EMAIL PROTECTED]
<http://www.globalhomes.com/>
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
