[afnog] HOW can I stop outgoing spam

saleh ali saleh.shihab at live.com
Tue Sep 27 12:16:39 UTC 2011 

The following email is taken from one of DNSBL , this email is send from my mail server

can u see it and give your comment

*****************************************************************
Return-Path: <edwardsoper20 at yahoo.com.hk>
X-Original-To: in at SPAMTRAP.INVALID
Received: from localhost.localdomain (mail.sustech.edu [41.67.53.23])
	by mail.ixlab.de (Spamtrap) with SMTP
	for in at SPAMTRAP.INVALID; Tue, 27 Sep 2011 06:36:04 +0200 (CEST)
X-DN-AuthenticatedSender: 9WW7EEY3WNJ3MTK4C3EF7KPRYPPPRARK-tqlh0dv1MDNhgx++T
  CQZWlLmXjLyCVXz44L23IN4lxFlLO+i/uU+qWut9c77LHO/---
Return-Path: <edwardsoper20 at yahoo.com.hk>
Received: from 82.128.14.236 ([82.128.14.236])
          by localhost.localdomain (DeskNow) with SMTP ID 539;
          Tue, 27 Sep 2011 07:22:15 +0300 (EAT)
Reply-To: <edwardsoper22 at yahoo.com.hk>
From: "Sgt Edward Soper"<edwardsoper20 at yahoo.com.hk>
Subject: Business Proposal
Date: Mon, 26 Sep 2011 21:21:32 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Antivirus: avast! (VPS 110804-0, 08/04/2011), Outbound message
X-Antivirus-Status: Clean
X-NiX-Spam-Hash0: 74d2fb7246e0dc5e16178dc03469a63a
X-NiX-Spam-Source-IP: 41.67.53.23
X-NiX-Spam-MX: mail.ixlab.de
X-NiX-Spam-Listed: yes

**********************************************************************************************



> Date: Tue, 27 Sep 2011 11:53:04 +0200
> From: bortzmeyer at nic.fr
> To: saleh.shihab at live.com
> CC: afnog at afnog.org
> Subject: Re: HOW can I stop outgoing spam
> 
> On Tue, Sep 27, 2011 at 12:37:44PM +0300,
>  saleh ali <saleh.shihab at live.com> wrote 
>  a message of 68 lines which said:
> 
> > the behavior is my mail server domain is sustech.edu and I Found
> > some email send to outside and the sender is out of my domain
> > (edwarpor20 at yahoo.com.hk) 
> 
> That's normal for SMTP and quite common (specially if the outside
> domain appears only in the headers, not in the envelope).
> 
> > AND i very sure that my mail server is not an open relay
> 
> Indeed, I got a "551 Relay denied".
> 
> > This Lines from my server log file 
> 
> Several very important pieces of information are missing: IP address
> of the SMTP client (probably a zombie, and probably inside your
> network) and date.
> 
> The knowledge base of DeskNow seems to say that you have to go in
> Administration/Logging and enable 'Debug' and 'Protocol' logging.
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20110927/eaabaa16/attachment.html>

More information about the afnog mailing list