Relay for spam?

Tony Pursell ajp at princeswalk.fsnet.co.uk
Wed May 18 19:42:09 UTC 2011 

On Wed, 2011-05-18 at 15:31 -0400, Bill Stanley wrote:
> <<< snip >>>
> 
> > Who is your ISP? Do they supply you with a fixed IP address or a dynamic
> > one?
> >
> > Are they basing this just on your email address being used for spam? Or
> > is it you IP address?  This is important because email addresses can be
> > spoofed, so almost anyone can send an email 'From' you.  If you use
> > Evolution, go into Edit>  Preferences>  select your default account>
> > Edit, then put ajp at princeswalk.fsnet.co.uk in the Email address box and
> > you will be sending all your mail 'From' me.  Its as easy as that!  I
> > know because I have one of the most comprehensively spoofed email
> > addresses around, if the non-delivery notices I've been getting lately
> > from various Russian email servers is anything to go on.
> >
> > I don't believe that your ISP would not be so naive as to think your
> > email address alone indicates you as the spam source, so if the email
> > from your ISP is not a hoax, then they must be identifying the spam from
> > the IP address they have given you.  So you either have an open proxy or
> > a SMTP mail sever (which sends mail) set up as an open relay.
> >
> > A proxy server usually is set up so that people on the internal IP
> > addresses of a network can access the internet.  An open proxy allows
> > anyone on the world wide web who happens to know your IP address to use
> > that proxy server. (I talk from bitter experience!)  Unfortunately, they
> > don't just use it to browse the web (although it would be a way to
> > access illegal pornographic content) but use various http commands to
> > relay mail.
> >
> > By default, SMTP mail servers should not be set up to relay mail.  So
> > the mail server I administered only sent out mail originating from our
> > internal IP addresses and not 'relay' mail from other external IP
> > addresses.  But SMTP mail servers are very easy to set up.  Most Windows
> > viruses that send spam have there own built in SMTP mail servers.  Even
> > OpenOffice.org/LibreOffice has a built-in SMTP server to send its
> > mail-merge emails.
> >
> > You can go to a site like SORBS (http://www.au.sorbs.net/lookup.shtml)
> > to check if your IP address has been identified as an open proxy or an
> > open relay.  Sites like Spamcop collect spam emails from people to
> > identify IP addresses sending spam and inform ISPs of them. They also
> > have a black-list lookup at http://www.spamcop.net/bl.shtml.
> >
> > So have a word with your ISP and ask them on what basis are the saying
> > you are a spammer.  They should know if you are an open proxy or open
> > relay.  Let us know what they say so we can help you further.
> >
> 
> I did check with my ISP and they checked the emails sent from my email 
> account and they said they found nothing was unusual.  It obviously was 
> a hoax and the attachment, that I never saw was probably deleted by the 
> ISP, was probably booby trapped hoping that I opened the attachment and 
> this computer was a Windoze machine.
> 
> To answer your questions...
> 1   I use Wowway as my ISP.
> 2.  I do not have a fixed IP number (The ISP probably uses NAT.
> 3.  I have a couple email addresses associated with this ISP accounts
>      The email address I use for personal emails is not affected so I
>      suspect someone is spoofing the email address that I use on this
>      forum.
> 3.  The email client I use is Thunderbird.
> 
> 
> Bill Stanley
> 

Problem solved, then. Great!

Tony

More information about the ubuntu-users mailing list