james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Serge Knystautas <ser...@lokitech.com>
Subject Re: SPAM #3 (ORBZ.org)
Date Sat, 23 Mar 2002 00:03:16 GMT
So, it is a violation of their privacy policy to reveal who asked for 
the intrusive test, but it's not a violation to do the intrusive test or 
publish the results for anyone to see...  If something is this 
non-sensical, I generally assume it was the work of lawyers.

On a related note, James out of the box checks 3 blacklists (MAPS, ORBL, 
and ORDB I think), and I found a nice quick list of blacklists and other 
useful anti-spam info here:  http://www.rahul.net/falk/  We should 
probably add an anti-spam page to the James site to capture useful info 
and otherwise track useful advice.

Serge Knystautas
Loki Technologies - Unstoppable Websites
http://www.lokitech.com/

Harmeet Bedi wrote:
> ----- Original Message -----
> From: "Paul Hammant" <Paul_Hammant@yahoo.com>
> 
>>Folks,
>>   http://www.theregister.co.uk/content/6/24544.html
>>
>>Were they trying to use spamming techniques to compile a list of failing
>>mail servers?  And this in breach of DMCA or and hacking legislation?
>> If there were a RFC ilustrating "HELO, RU-AN-OPEN-RELAY, THNX, BYE" ,
>>then it might not have gone to court/lawyers.
>>
> 
> 
> Their approach seems to be that SMTP is abused, let us compile a list of
> servers that can be abused. In some sense it is a public service, but to me
> it is a bit like, let us collect information on vulnerable machines by
> exploiting the vulnerabilitues and then as a public service, publish the
> list of machines. Seems like an odd approach, but maybe an effective one to
> fight against spam.
> 
> I detected their probes on my mail server in January. Attaching the
> conversation. You may find it interesting.
> 
> Harmeet
> 
> ----------------------------------------------------------------
> From: "ORDB.org" <ordb@ordb.org>
> To: Harmeet <harmeet@kodemuse.com>
> Cc: ordb@ordb.org
> Subject: Re: [ORDB] Feedback from ORDB (2950991451725002474)
> 
> On Sun, Jan 20, 2002 at 01:24:14AM +0100, Harmeet wrote:
> 
>>Some has requested Open relay test on my mail server running at
>>63.194.82.242.
>>
>>Your database indicates that it is 12.231.2.113. This is causing your
>>system to ping my server and consuming some processing cycles on my
>>machine.
>>
>>This raises a few questions
>>1. You are using my resources without my knowledge or permission. That is
>>not nice, but ok, because you seem benign and are trying to help.
> 
> 
> Thanks.
> 
> 
>>2. Who is trying to know about my system ? You should disclose the email
>>address to me.
> 
> 
> Unfortunately we can't, since that would be violating our privacy policy.
> 
> 
>>3. Your system seems to be an open relay of traffic. Basically anyone can
>>request probe on another system, with checking for credentials. This may
>>generate unwellcome traffic.
> 
> 
> Correct. That is how we expand the size of our database.
> 
> --
> ORDB.org support /boll
> 
> If you appreciate the work done by ORDB, please leave a donation at
> http://ordb.org/donate/


--
To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>


Mime
View raw message