Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Spamming. Am I being naive?

Status
Not open for further replies.

mizzy

IS-IT--Management
Jun 28, 2001
277
AU
Hi there,

I have a lotus notes SMTP server. It has been configured NOT to relay mail. If an attempt is made to relay mail through this server then this is noted in the notes log.
Sure enough from time to time I do see a relay message being denied, but not very often.

Recently I install a product(on a different server to my notes SMTP server) from Network Associates called "SMTP Webshield". It adds an extra level of SMTP protection to the antivirus software I already have installed on my SMTP server(Groupshield). Webshield allows me to stop all sorts of mail reaching my users based on a varity of options(Source domain, Mail subject, the ususal stuff). Because of what it does Webshield has an SMTP engine.

I installed this product and basically played with it.After a couple of hours I checked the stats on this product. Every second Webshield was relaying mail for many different sources! I know that I can stop this using the config options provided.

However my question is this. How did these spammers get a hold of my server. Who told them the IP address.
As I said at the beginning of my mail, when my notes SMTP server does get someone trying to use it for spamming it is noted notes log. But these attempts are very very few and far between.

Was I just unlucky that someone got a hold of my Webshield server before I configured it NOT to relay. Am I being very naive in this cruel world of Spam?

Thanks for any help,
 
It is quite probable that no one told them anything. These days there are tools that constantly search every available IP address to find out what is at the other end.
The nature of a server is not something that can be hidden. Check out and ask them to check out your IP address. You will then see what info is publicly available at your site.
I don't know if there is anything you can do about it, except maybe block all traffic from the source IP and hope you won't be blocking legitimate traffic in a few months/years.

Pascal.
 
Thanks Pascal,
You have opened my eyes to what goes on out there,
I'll block the IP addresses.

Have a good day,
 
Glad to be of service. Yet I only have limited knowledge on all this spam/IP stuff. There is undoubtedly loads more to say, but I think blocking the IP address is a very good start.

A nice day to you too.

Pascal.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top