Open Relays and Spam Blacklists
My business mail server got blacklisted the other day. We started getting consistent bounces from a couple of clients that referenced some odd site. A little poking around revealed that our mail server had been inexplicably identified as an open relay and was on a spam blacklist that the clients of this ISP subscribed to.
This, then, is a primer on open relays and spam blacklists for those that don’t know what they are, and who may fall prey to the same problem we did.
What This Links To
Spam Might Be Coming From YOUR Machine
Zombie PCs spew out 80% of spam: Turns out spam is coming from places other than you might think. It's tempting to envision spam coming from some centralized location so we can all sit around and complain that they don't shut the loser off, but the reality appears to…
Comments
I had the unfortunate opportunity to experience the consequences of an open relay on a mail server I administer. It didn't get blacklisted, but the server was unusable for several hours while I was trying to plug the holes back up.
As near as I can figure, the settings on the mail server that kept it from relaying mail got blasted after an extended power outage took the server down, and I didn't catch it for a few days. By that time spammers were shoving tens of thousands of messages through it every hour -- the thing slowed to a crawl.
The thing that got me is that while it was open the bozo spammers hammered it so hard it nearly froze. If it weren't for that I probably wouldn't have noticed for a while. So their own frenzied abuse of my server brought the problem to my attention, and I shut them down. Not the sharpest knives in the drawer I guess.
I run the site iMillionaires.com - a free business information and help site and this looks like a good angle for a story on protecting your business site.
Another problem we run into with our sites is spammers using our email address as a return address. This often causes bouncing of email since spammers will spam to any email address, weather its valid or not, and then the email bounces, and then your mail server will normally send back a reply if it's an invalid address.
We see about 20,000 bounced spam emails a day to one of our domain names alone.
I'm not sure if replying to these bounced spams can get you blacklisted.
Another problem we are concerned about is a site that we allow free classified ads to be posted. We send out an email to the poster (who often will use a fake email address) with their password to manage their ad.
This has gotten our server blacklisted with AOL and when we called them about it they could not tell us any details but they did unblacklist it. It turns out, many people were using fake AOL return addresses that must have been real AOL users. According to AOL, the users probably reported the posting acknowledgement emails as spam.
I think the problem is that people are pissed off about spam and are quick to pull the trigger on anyone and it's possible that your business or website could get reported in their hast.
Like I said, I see another good story here. I will probably reference this page and will give you guys credit.
Add Comment
- Dubai: "Sure, we can build that." by jun, 43 seconds ago
- VeriSEAL by VeriSEAL, 51 minutes ago
- How to Obscure URLs by Anonymous, 2 hours, 17 minutes ago
- Comment Previewing Using Ajax by Anonymous, 2 hours, 18 minutes ago
- Two New T-Rex Fighters by james dinwiddy, 3 hours, 20 minutes ago
- Show 5 more »
- Cheap Cable Runs by Deane in 2006
- We could only be so lucky by Deane in 2005
- Googlines? by Joe in 2005
- Cultured Diamonds Revisited by Deane in 2005
- Gaming Addiction in Seoul by Deane in 2005
- Show 8 more »