RE: Spamming

From: Bruce Fowler (bfowler_at_hvp.com.au)
Date: 07/19/01

A good test for your mail server:

From your mail server ---

telnet mail-abuse.org

Cheers,

Bruce Fowler

-----Original Message-----
From: Lucian Vanghele [mailto:lucian.vanghele_at_bisnet.ro]
Sent: Wednesday, July 18, 2001 10:30 PM
To: John Herron; manwithquestion_at_hotmail.com;
SECURITY-BASICS_at_securityfocus.com
Subject: Re: Spamming

it's not quit like this
his server must be able to receive email from anyone (of course you can set
a list with "bad guys")
to test for rely you must do

telnet youSMTPserver 25
 HELO server
 rcpt to: {whoever_at_elsewhere.com} (not yourcompany.com!!!)
 mail from: anyone_at_includingfakeaddresses.com
 data
 subject: test relay mail
blablabla...
if you have a "relaying denied" message then relay it's not permitted, if
the message goes on then your server could be used by others to send tones
of emails to others (for ex. those kinds of advertising: Viagra
blablabla...)
that's rely ... your SMTP server it's more like a mirror that will reflect
messages from outside_your_company to outside_your_company
how can this affect you? the load of your server will increase, (also it can
crash!!) your server can be put on spammers lists .etc etc

Lucian Vanghele,
IT Administrator,
Business Information Systems S.R.L (BIS)
746741 Bucharest, Lucretiu Patrascanu Street, Bl. MY3, 5th Floor, Sector 3
P.O.BOX: 37-166
Tel/fax: +40 1 255 45 77, +40 1 255 45 78, +40 1 255 45 79
Mobil:+40 092 459 839
e-Mail: Lucian.Vanghele_at_bisnet.ro
Web: http://www.bisnet.ro

----- Original Message -----
From: "John Herron" <john.herron_at_rrc.state.tx.us>
To: <manwithquestion_at_hotmail.com>; <SECURITY-BASICS_at_securityfocus.com>
Sent: Thursday, July 05, 2001 6:33 PM
Subject: Re: Spamming

> Yes, its a very common problem that most mail servers I've seen still
have. I guess people don't patch it so that their mail server, if receiving
mail that does not go directly to that network, will forward it on to the
party/server that SHOULD be receiving that email. With that, it makes it a
target for spammers that want to send directly through that server so it
will relay their message to the people they want and sometimes even hide
their IP address.
>
> To test your own server, try from home telnetting into your email server
through port 25. You can reference the RFC for all the commands you need or
just type:
> HELO server
> rcpt to: {whoever_at_yourcompany.com} (probably put yourself here)
> mail from: anyone_at_includingfakeaddresses.com
> data
> subject: test relay mail
> Type whatever you want in the body of the email and finish it by a . on a
single line.
> .
> /-----------------
> once you did the "." on a single line that should tell the mail server
your done and it should fire off the email. If that works and you receive
the email (it gets sent to whoever you put at "rcpt to: ") then yes, your
mail server is setup to support relaying. If not it will give you a
"relaying denied" message most likely.
>
> Good luck!
>
>
>

CAUTION - This message may contain privileged and confidential information
intended only for the use of the addressee(s) named above. If you are not
the intended recipient of this message you are hereby notified that any
use, dissemination, distribution or reproduction of this message is
strictly prohibited. If you have received this message in error please
notify the sender immediately.

Any views expressed or implied in this message are not necessarily those of
Han*** Victorian Plantations Pty Limited, its Subsidiaries,
Representatives or Agents.