Re: [Exim] X-Originating-IP header and SPAM

Top Page
Delete this message
Reply to this message
Author: Giuliano Gavazzi
Date:  
To: Suresh Ramasubramanian, Jaco van der Schyff, exim-users
Subject: Re: [Exim] X-Originating-IP header and SPAM
At 15:31 +0530 2003/05/06, Suresh Ramasubramanian wrote:
>Jaco van der Schyff <jvds@???> wrote:
>> I am currently running Exim 3.33 on a Linux 2.2.16 box.
>>
>> I have the following problem:
>> My mailserver has been listed in the bl.spamcop.net blackhole list
>> because of alegged spam sent through the machine.
>>
>> This is a copy of the headers of the alleged spam from spamcop:
>>
>
>Given this - your server was apparently abused to pump spam through
>hotmail's webdav interface.
>
>So you are most likely running an open proxy that is being abused to
>proxy smtp / dav requests and spam through hotmail.
>
>http://www.corpit.ru has a good proxychecking tool you can use.
>
>Not an exim problem, most likely
>


Couldn't also this happen by having a virus/malicious code running on
the server, or behind the server's NAT (if the server acts as a
gateway for private addressed machines)? This can be an important
issue in some cases.
I had to block port 25 for NATed machines in our network as we had a
virus on one of the PCs at the cybercafe. This is fortunately behind
a NAT with a different address from the server and the incident was
isolated. But if this can happen on port 80 (that I cannot block) and
more incidents happened as a result, I might see our net-block
blacklisted.
I know this is not exim related...

Giuliano
--
H U M P H
    || |||
  software


Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/