james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Harmeet Bedi" <harm...@kodemuse.com>
Subject Re: SPAM #3 (ORBZ.org)
Date Fri, 22 Mar 2002 23:35:19 GMT
----- Original Message -----
From: "Paul Hammant" <Paul_Hammant@yahoo.com>
> Folks,
>    http://www.theregister.co.uk/content/6/24544.html
>
> Were they trying to use spamming techniques to compile a list of failing
> mail servers?  And this in breach of DMCA or and hacking legislation?
>  If there were a RFC ilustrating "HELO, RU-AN-OPEN-RELAY, THNX, BYE" ,
> then it might not have gone to court/lawyers.
>

Their approach seems to be that SMTP is abused, let us compile a list of
servers that can be abused. In some sense it is a public service, but to me
it is a bit like, let us collect information on vulnerable machines by
exploiting the vulnerabilitues and then as a public service, publish the
list of machines. Seems like an odd approach, but maybe an effective one to
fight against spam.

I detected their probes on my mail server in January. Attaching the
conversation. You may find it interesting.

Harmeet

----------------------------------------------------------------
From: "ORDB.org" <ordb@ordb.org>
To: Harmeet <harmeet@kodemuse.com>
Cc: ordb@ordb.org
Subject: Re: [ORDB] Feedback from ORDB (2950991451725002474)

On Sun, Jan 20, 2002 at 01:24:14AM +0100, Harmeet wrote:
> Some has requested Open relay test on my mail server running at
> 63.194.82.242.
>
> Your database indicates that it is 12.231.2.113. This is causing your
> system to ping my server and consuming some processing cycles on my
> machine.
>
> This raises a few questions
> 1. You are using my resources without my knowledge or permission. That is
> not nice, but ok, because you seem benign and are trying to help.

Thanks.

> 2. Who is trying to know about my system ? You should disclose the email
> address to me.

Unfortunately we can't, since that would be violating our privacy policy.

> 3. Your system seems to be an open relay of traffic. Basically anyone can
> request probe on another system, with checking for credentials. This may
> generate unwellcome traffic.

Correct. That is how we expand the size of our database.

--
ORDB.org support /boll

If you appreciate the work done by ORDB, please leave a donation at
http://ordb.org/donate/

----------------------------------------------------------------


--
To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>


Mime
View raw message