Telkom SMTP server spam listed
Telkom's SMTP server is spam listed once more !!!
http://www.mail-abuse.com/cgi-bin/sh...ng.cgi?1245554
The Postfix program
<____________@_____________.com>: host
____________@_____________.com[999.999.999.999] said:
<____________@_____________.com>... Connection refused - Connecting host
listed in MAPS RBL.Please visit http://www.mail-abuse.org for details. (in
reply to RCPT TO command)
One of Absa's mail servers was also blacklisted on one of the RBL's Sorbs I think. I think it is very bad for an ISP to have a server blacklisted. That is normally a bad config not so?
No, its not a bad configuration - the server is not an open relay. But they have failed to respond to abuse queries which is bad - I do wonder though why this was expected to recieve a response from afrinic? It is not their job, and they have just as much problem communicating with SAIX.
I'm finding alot of my emails from @telkomsa.net accounts aren't going to South African companys, but having no probs to international. Just things like DStv, Multichoice, TELKOM, HiFi Corp.... or maybe I've been added to the 'Constant Nagger' blacklist :P
hehe! Not just telkoms SMTP server needs to be spam listed.
"When Life Gives You Questions, Google has Answers - AJ Carpio"
~ Twitter: MrG_SA ~
...sometimes helps switching between the two SMTP servers,
smtp.telkomsa.net
and
smtp.saix.net
only problem is... the sperm bank rejects it's own mail... LMFAO
rather send mail directly from your PC - no external server required.
http://www.softstack.com/freesmtp.html
This freeware proggy works like a charm - one snag tho'...
It will let you send max 10 mails per day
Last edited by NoRulez; 08-07-2006 at 01:44 PM.
Eish!
The problem with sending mail directly form your pc on a Telkom ADSL network is that your mail will be dropped by most servers using the Sorbs RBL lookups, as they have listed most of the dynamic Addresses from ADSL and Cable networks worldwide.
You can check you ip here or someone elses http://www.us.sorbs.net/lookup.shtml
Originally Posted by NoRulez
...sometimes helps switching between the two SMTP servers,
smtp.telkomsa.net
and
smtp.saix.net
only problem is... the sperm bank rejects it's own mail... LMFAO
rather send mail directly from your PC - no external server required.
http://www.softstack.com/freesmtp.html
This freeware proggy works like a charm - one snag tho'...
It will let you send max 10 mails per day
No properly configured mail server will accept mail from you.
My flickr
In the best of a company's interests, a good sysadmin will block dynamic IP adresses as these are a hotbed of spambots.
Should you want to set up your own mailserver, get a static IP and employ some good security measures to ensure that your server doesn't get hacked.
Christ-mass is NOT for Christians. Jeremiah 10.Is the 10 Commandments for Christians?
Saturday is the Seventh day, Sunday is the first day.
Shmiert Shpammer
Well the only way anything gets blacklisted is if someone is doing spam... and lets be honest.. there are jerks out there that got nothing better to do but do it and if you signed up on a telkom account they will be blacklisted.. i have a problem where i changed my domain completely as people were using my domain name to send out junk emails.. so dont think u guys can put the blame on telkom for this one .. but rather its users..
Well thats i think perhaps the only reason why one gets blacklisted. Also one more thing is phishing - i know that many domains are blocked temporarily bacause their domains are phished for sending spams.
If you have directors travelling around who need to send mail, you'll be out of a job. You cannot just block all dynamic IPs. What you can do is allow authentication, and reject mail from dynamic IPs who haven't authenticated.
And that someone doesn't have to be you (or your clients) for your IP to get blacklisted. Idiotic "nice" features like bouncing mail with a cute message if the e-mail address is wrong, out-of-office replies, and forwarding all mail to an off-site address where you have no control over the mailserver hosting this off-site address) will all get you blacklisted without even trying.
Think about it. Spammer sends a mail to evitabezuidenhoudt@yourdomain.com - a bogus address. Like any true spammer, the Return-Path and From headers are both forged (and probably don't match anyway). Your server accepts the mail, sees, "oh dear, there's no such user," then sends a cute message back saying "sorry, I don't know who this is." This message, still containing the spam, goes "back" to someone who didn't send it to start with. They bitch at their ISP, their ISP blacklists takes the steps to backlist you.
Same thing happens when you forward mail off site. Your server accepts the mail, tries to forward it. Remote server is a bit tight-ass about what it accepts, and rejects some of the spam. Your server is now stuck with it. What does it do? Return it, of course. Repeat the previous paragraph. I see servers setup in this way on a daily basis. People configure a catch-all, then forward it to their hotmail/yahoo/gmail account. And then wonder why legitimate mails they send to someone's hotmail account don't show up.
They weren't using your domain, they were forging it. That's what SPF is for - it's an anti-forgery tool (not anti-spam, which most people seem to think it is).
Some overzealous admins will setup some rules to reject/drop mail coming from domains that are popular targets for phishers, without checking where the mail really comes from. Dumb idea.
Again SPF is your friend. Paypal is a big victim of phishing. Yet their mails are deliverd. Why? Here's why:
$ dig paypal.com TXT
; <<>> DiG 9.4.1-P1 <<>> paypal.com TXT
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34124
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;paypal.com. IN TXT
;; ANSWER SECTION:
paypal.com. 3600 IN TXT "v=spf1 mx include:s._spf.e bay.com include:m._spf.ebay.com include._spf.paypal.com include:c._spf.eb ay.com include:spf-1.paypal.com ~all"
Implement SPF checking on your server, and you won't be bothered with paypal phishing mails because your server will know if a mail is really coming from paypal or not.
My flickr
someone made a good suggestion,
Get Your Own Domain, its about time anyway, these days one needs to do a bit of social branding.
Either that or stick to gmail.
RESISTANCE IS FUTILE.
That's exactly what we do. SMTP Authentication helps a lot.
Can you help with doing a blog in SPF, as I haven't dealt with it yet? Will give full credit to you.
*mutter*
bladdy spammers
Christ-mass is NOT for Christians. Jeremiah 10.Is the 10 Commandments for Christians?
Saturday is the Seventh day, Sunday is the first day.
Shmiert Shpammer
Anyways, take a gander at this snippet of my email server's logs :
Happens at regular intervals. So somebody's PC is compromised somewhereCode:"SMTPD" 1332 35 "2007-10-16 02:36:34.441" "196.43.2.30" "RECEIVED: HELO ctb-netw1" "SMTPD" 1332 35 "2007-10-16 02:36:34.441" "196.43.2.30" "SENT: 250 Hello." "SMTPD" 1332 35 "2007-10-16 02:36:34.471" "196.43.2.30" "RECEIVED: MAIL FROM:<jacolza@yahoo.com>" "SMTPD" 1332 35 "2007-10-16 02:36:34.481" "196.43.2.30" "SENT: 250 OK" "SMTPD" 1332 35 "2007-10-16 02:36:34.581" "196.43.2.30" "RECEIVED: RCPT TO:<rbl@saix.net>" "SMTPD" 1332 35 "2007-10-16 02:36:34.591" "196.43.2.30" "SENT: 530 SMTP authentication is required." "SMTPD" 1332 35 "2007-10-16 02:36:34.651" "196.43.2.30" "RECEIVED: QUIT" "SMTPD" 1332 35 "2007-10-16 02:36:34.651" "196.43.2.30" "SENT: 221 goodbye"
Christ-mass is NOT for Christians. Jeremiah 10.Is the 10 Commandments for Christians?
Saturday is the Seventh day, Sunday is the first day.
Shmiert Shpammer
Posting Permissions
Reply With Quote
Bookmarks