|FROM ||Ron Guerin
|SUBJECT ||Re: [NYLXS - HANGOUT] mail systems
|Ruben Safir wrote:
> On Fri, Sep 14, 2007 at 11:46:06PM -0400, Ron Guerin wrote:
>> Ruben Safir wrote:
>>> Is it relaying or not? I'm worried that I've had some spam relayed through the system but
>>> every relay test I run comes back negative.
>> I believe the relay it refers to is the system that passed you the mail,
>> as the mail was not locally generated. The question you need to answer
>> for yourself is what happened to that message. If it was delivered to
>> one of your local users (either final delivery to a mailbox or a
>> program, or forwarded out for one of your local users to anywhere else)
>> then that message should not concern you.
> Yeah that's what's bothering me. Some of the results in mailq seem to tell
> me that spams are being being delayed in the outgoing mail and that these mails
> are originating from the MAIL-DAMEAN or some such. I believe that they are coming from
> the info-at-nylxs.com alias, but I'm not certain and the mail logs are not clearifying this.
> Also, majordomo returns spam messages to the user-at-domain where a request is suposedly
> generated from, and that might also be the origin.
> Neither would concern me, but an exploit for relaying would make me really worry.
Mmmm. Well, actually backscatter can get you in trouble too. It's sort
of indirect relaying, whereby instead of you "delivering" the spam to
the victim, you _bounce it to them_.