stop mail spam?

**Final-Solution** · 05-22-2003 03:03 PM

I got an email in my box today that is supposed to be from myself, but it has a virus on it . . I didnt send it, does it look like someones using my box to send it 'cuz it does to me . . how would i fix it up?

>>>>>
Return-path: <user@domain.com>
Received: from qn-212-127-196-189.quicknet.nl ([212.127.196.189] helo=mail.domain.com)
by server1.domain.com with smtp (Exim 3.36 #1)
id 19Is58-0001wO-00
for user@domain.com; Thu, 22 May 2003 11:34:14 -0400
From: User<user@domain.com>
To: User@domain.com
<<<<<

I seem to remember helo being a command when relaying mail, how would i go about turning off a relay option if thats the case?

thanks!

cPanel.net Support Ticket Number:

**loststryk** · 05-22-2003 03:17 PM

smtp authentication is required.

what this person may have done is the following ( this is a telnet example)

telneted to port 25 on your server and typed the following commands.

helo abuse.net
mail from: root@yourdomain.com
rcpt to: your@emailaddress.com
data
whatever they wanted to write in your email.
.

easy stuff, now why isn't there a fix for this frigging problem ?

i don't know enough about exim, i have read the exim web site quite a few times now, and i still can't stop this problem.

all mail should be authenticated, but it don't =o(

cPanel.net Support Ticket Number: 0800-R-U-Legit

**loafer** · 05-22-2003 03:52 PM

It's likely to be this...

1) Someone (now to be know as clueless) else has you in their address book without any AV.
2) Clueless gets infected with a virus that randomly chooses from and to addresses and sends it's self out. But uses clueless's address as the envelope from so every dam locally configured relay will process the mail.
3) Clueless's virus pick you for both the (fake)sender and the recipient.
4) you get the virus, and your av catches it.

Simple innit' ?

cPanel.net Support Ticket Number:

**Final-Solution** · 05-22-2003 06:07 PM

Yea i kinda figured someone was sending me an infected file . . I'm just concerned if they sent it to me through our server, if its someone elses server spamming out virii it's not my concern, though just now i realize thats not my IP in the from address.

thanks for the replies!

cPanel.net Support Ticket Number:

LinkBack

Thread Tools

stop mail spam?

How to stop this Spam mail ? postmaster@xxx.com

Stop Spam Assasin sending you mail for each mail it stopps

I need help to stop this spam

How to stop spam?

STOP SPAM!!!