North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: AOL holes again.
- From: Derek J. Balling
- Date: Tue Mar 20 13:16:49 2001
At 9:57 AM -0800 3/20/01, Eric A. Hall wrote:
Actually it appears to be a problem with earthlink (nee mindspring). I've
been gettting a lot of spam from their server lately, and judging from the
headers it appears the mindspring servers are configured to relay mail
from any system that puts [mail.]mindspring.com in the HELO banner.
For example:
| Received: from mail.mindspring.com (pool-63.49.172.115.troy.grid.net
| [63.49.172.115]) by smtp10.atl.mindspring.net (8.9.3/8.8.5) with SMTP
| id VAA09132; Mon, 19 Mar 2001 21:24:44 -0500 (EST)
I've probably gotten a couple of dozen such spams over the past week,
sourced from all over, with the common flag being [mail.]mindspring.com in
the source spammer's HELO banner.
Of course I've tried to tell earthlink/mindspring about it but all I get
back is a stupid form letter and no action.
AOL's servers did the right thing if this is what they reacted to.
There's been talk on SPAM-L that AOL has been forming its own
"ORBS-like list" of open relays, and reacting/rejecting/dropping
according to some internal criteria. Seems that if you send mail to
AOL, then (according to Lorin), they "will feel free to test your
server for relayability" (paraphrased)...
Considering how poorly lots of Earthlink servers have historically
been configured, it doesn't surprise me at all that a bunch of them
were listed and had their mail dropped as probable spam.
Now, if only AOL would make the list available for public use, we
could all block Earthlink. ;-)
D
--
+---------------------+-----------------------------------------+
| dredd@megacity.org | "Conan! What is best in life?" |
| Derek J. Balling | "To crush your enemies, see them |
| | driven before you, and to hear the |
| | lamentation of their women!" |
+---------------------+-----------------------------------------+
|
