[CentOS] Re: HELP

Sun Feb 5 16:01:23 UTC 2006
Thomas E Dukes <edukes at alltel.net>

 

> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Tom Diehl
> Sent: Sunday, February 05, 2006 10:52 AM
> To: CentOS mailing list
> Subject: [CentOS] Re: HELP
> 
> On Sun, 5 Feb 2006, Thomas E Dukes wrote:
> 
> >  HELP!!!
> > 
> > Someone is forging my domain to spam AOL accounts.  Anyone 
> know how I 
> > can stop this.  I have deleted 400 - 500 of these over the 
> last 2 days.
> 
> Welcome to the Internet!! Short of making REAL sure it is not 
> coming from your network (do not assume it is not coming from 
> your network unless you check your network) there is not much 
> you can do. I or anyone else can send mail as anyone. It is 
> trivial to do.
> 
> 
> > localhost.localdomain [127.0.0.1]
> > 
> >    ----- The following addresses had permanent fatal errors -----
> > <missmeia at aol.com>
> >     (reason: 554- (RTR:SC)
> > http://postmaster.info.aol.com/errors/554rtrsc.html
> 
> 
> Did you actually look at the URL AOL provided?? If you are on the
> same ip address all of the time this is likely a problem with 
> your network.
> 
> AOL is pretty good about these kinds of things. Are you 
> running a web server?
> If so I would look REAL hard at it. Check your maillogs, 
> webserver logs, etc.
> 
> If your ip address does not change you might want to setup a 
> feedback loop
> as suggested in the URL listed above. It works, believe me. I 
> use it here.
> It makes it real easy to catch garbage going to AOL.
> 
> <over 200 lines of the same error message deleted>
> 
> Why did you find it necessary to include 200 lines of the same error??

Sorry,

Just wanted to send everything so someone may be able to help me.

> 
> > <<< 554  Connecting IP: 151.213.88.187
> 
> Is this your ip-address?? If yes, you most likely have a 
> problem. If no someone
> else does and you can simply delete the messages.

Yes, that's my IP.  I checked a few yesterday and they had IP's from Korea,
Viet Nam.  Some may have mine but not all.  Now I'm getting bounces from
different domains mailscanner/sendmail is now off).

Thanks!!
> 
> Hope this helps,
> 
> Tom Diehl		tdiehl at rogueind.com		
> Spamtrap address mtd123 at rogueind.com
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>