[AusNOG] Conspiracy? Manupulation? See it for yourself!

Beeson, Ayden ABeeson at csu.edu.au
Wed Apr 24 14:05:02 EST 2013


It would be the way to do it yes but I would assume given what's occurring that's not the case at the moment.

Thanks,
Ayden Beeson


-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Chris Jones
Sent: Wednesday, 24 April 2013 2:01 PM
To: Heinz N
Cc: ausnog at ausnog.net
Subject: Re: [AusNOG] Conspiracy? Manupulation? See it for yourself!

Wouldn't a simpler solution be:

1.  Add an SPF record for ausnog.net
2.  Enforce this on lists.ausnog.net

??

- Chris

On 24/04/2013, at 1:33 PM, Heinz N <ausnog at equisoft.com.au> wrote:

> On Wed, 24 Apr 2013, Skeeve Stevens wrote:
>
>> So we know where the spam is coming from or how they are subscribing?
>>
>
> Reading the headers:
>
> From: <ausnog at ausnog.net>
> To: <ausnog at ausnog.net>
>
> I think that the spammers are not subscribing at all. They are exploiting a simple weekness in the MTA configuration.
>
> I would not dare test this as it might be perceived as an attack, but I suspect that the ausnog MTA will relay if the "RCPT To:" and "MAIL From:" are both reported as from local domain ausnog.net.
>
> I had this problem a long while ago and the only way I could get around this was to have 2 MTAs. One "public" one will accept mail to my local domain(s) but it is specifically blocked from relaying for them. The private one will relay for the local domains and is only used for sending out. Now spammers get a nasty bounce message if they try to pretend to be "MAIL From:" any of my local domains, sending "RCPT To:" any of my local domains :-)
>
> Regards,
> Heinz N.
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
Charles Sturt University

| ALBURY-WODONGA | BATHURST | CANBERRA | DUBBO | GOULBURN | MELBOURNE | ONTARIO | ORANGE | PORT MACQUARIE | SYDNEY | WAGGA WAGGA |

LEGAL NOTICE
This email (and any attachment) is confidential and is intended for the use of the addressee(s) only. If you are not the intended recipient of this email, you must not copy, distribute, take any action in reliance on it or disclose it to anyone. Any confidentiality is not waived or lost by reason of mistaken delivery. Email should be checked for viruses and defects before opening. Charles Sturt University (CSU) does not accept liability for viruses or any consequence which arise as a result of this email transmission. Email communications with CSU may be subject to automated email filtering, which could result in the delay or deletion of a legitimate email before it is read at CSU. The views expressed in this email are not necessarily those of CSU.

Charles Sturt University in Australia  http://www.csu.edu.au  The Grange Chancellery, Panorama Avenue, Bathurst NSW Australia 2795  (ABN: 83 878 708 551; CRICOS Provider Numbers: 00005F (NSW), 01947G (VIC), 02960B (ACT)). TEQSA Provider Number: PV12018

Charles Sturt University in Ontario  http://www.charlessturt.ca 860 Harrington Court, Burlington Ontario Canada L7N 3N4  Registration: www.peqab.ca

Consider the environment before printing this email.

Disclaimer added by CodeTwo Exchange Rules 2007
http://www.codetwo.com




More information about the AusNOG mailing list