[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] more on 25,000 ton spam relay, with photos of it!]
Delivered-To: dfarber+@ux13.sp.cs.cmu.edu Date: Tue, 16 Dec 2003 10:16:42 -0500 From: Suresh Ramasubramanian <suresh@hserus.net> Subject: Re: [IP] 25,000 ton spam relay, with photos of it!] To: dave@farber.net Cc: Rich Kulawiec <rsk@gsp.org> Dave Farber writes on 12/16/2003 10:08 AM:
> or some nice-and-secure Windows box in the construction drydocks, running > Microsoft Exchange Internet Mail Service Version 5.5.2653.13
Not just Exchange. That "no.name.available" and "via smtpd (for [connecting ip]) header suggests that the exchange box is frontended with a raptor firewall.
I have seen more than one misconfigured raptor frontending an already secure mailserver (not just your average insecure exchange / IIS box) turn the mailserver it frontends into an open relay.
srs
> H: Received: from no.name.available by avnavfw.lpd17.navsea.navy.mil> H: via smtpd (for [209.181.16.1]) with SMTP; 16 Dec 2003 05:53:08 UT> H: Received: from avnavfw.AVONDALE (205.67.231.5 [205.67.231.5]) by> H: swn-email.lpd17.navy.mil with SMTP (Microsoft Exchange Internet Mail> H: Service Version 5.5.2653.13)
------------------------------------- To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC