[CentOS] pop3 attack

Fri Mar 13 22:00:18 UTC 2009
Scott Silva <ssilva at sgvwater.com>

on 3-13-2009 12:36 PM James Pifer spake the following:
>> The problem has nothing to do with the Smart host server entry.
>> Read the information in the URL above and contact your ISP.
> I understand the problem is I'm in a residential range of dynamic IP,
> even though I have commercial class, and I DID read the information in
> the URL. That's how I verified I am using the right host for smarthost. 
>>From the site:
> ****
> Outbound Email Policy of Time Warner Cable/Road Runner for this IP
> range:
> It is the policy of Time Warner Cable/Road Runner to share with other
> entities lists of our dynamic IP address space. While Time Warner
> Cable/Road Runner does not presently forbid customers from sending out
> mail directly from such space, it recognizes that others may wish to
> refuse mail from such space, and so Time Warner Cable/Road Runner makes
> that space known to others to facilitate their enforcement of their
> policies. Customers finding their mail refused by others due to a PBL
> listing should send their outbound mail through the outbound mail server
> designated for them;
> ****
> So this sounds like smarthost. So if it has nothing to do with
> smarthost, is there a work around for it? The mail is being sent through
> the ISP's mail server, but the destination mail server is refusing it
> based on the domain name lookup? Why doesn't the other mail server see
> it being delivered by the ISP's server and accept it?
> I talked to Time Warner support. First guy I talked to gives me the
> standard line that they don't support linux and he's never heard of
> sendmail. Ugh!
> I finally argued to get the call escalated. This person asked what host
> I was sending through and felt like that should work. He is going to
> request the IP get removed from the PBL, but I'm not liking my
> chances....
> RR charges you an extra $50/mo for static ip! I don't have many other
> choices for a decent high speed connection. DSL is too slow in my area. 
Remember that some mail admins can be pretty anal about what checks they run
from their servers. You have absolutely no control over that aspect. All you
can hope to achieve is being able to send mail to admins who follow the letter
of the RFC's. The rejections on your originating address seem overly done if
your mail is sent through the smart hosts, but you have to also check that you
are absolutely sure that said mail did actually go through the smarthost. If
the rejecting server is someone you deal with regularly, maybe you could get
some sort of white listing arrangement.

If you can get mail to the top ISP's like AOL and Yahoo, you are doing pretty
well, even if you have to reject the barrage of crap that comes back from
them. ;-P

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20090313/1cab594b/attachment-0003.sig>