GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Need help RE: Spam... what's all this mean? (https://gfy.com/showthread.php?t=135010)

psyko514 05-18-2003 01:09 PM
Need help RE: Spam... what's all this mean?
 
First, I got an email like this:

BEGINABCDFORMMAIL*MYDOMAIN*.com/cgi-sys/formmail.plTSTSendMailTSTENDABCD

where *MYDOMAIN* is one of my domain names.

and then approx 300 emails similar to this:

The original message was received at Sun, 18 May 2003 07:05:10 -0400 (EDT)
from server10.webhost.com [66.XXX.XXX.212]


*** ATTENTION ***

Your e-mail is being returned to you because there was a problem with its delivery. The address which was undeliverable is listed in the section labeled: "----- The following addresses had permanent fatal errors -----".

The reason your mail is being returned to you is listed in the section labeled: "----- Transcript of Session Follows -----".

The line beginning with "<<<" describes the specific reason your e-mail could not be delivered. The next line contains a second error message which is a general translation for other e-mail servers.

Please direct further questions regarding this message to your e-mail administrator.

--AOL Postmaster



----- The following addresses had permanent fatal errors -----
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>

----- Transcript of session follows -----
... while talking to air-yb03.mail.aol.com.:
>>> RCPT To:<[email protected]>
<<< 550 jusev IS NOT ACCEPTING MAIL FROM THIS SENDER
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 MAILBOX NOT FOUND
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 MAILBOX NOT FOUND
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 MAILBOX NOT FOUND
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 MAILBOX NOT FOUND
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 jusenuf00 IS NOT ACCEPTING MAIL FROM THIS SENDER
550 <[email protected]>... User unknown
>>> RCPT To:<[email protected]>
<<< 550 MAILBOX NOT FOUND
550 <[email protected]>... User unknown

psyko514 05-18-2003 01:12 PM
now it seems to me somebody is not only using my server to send out spam, but they're using me as a reply-to address as well, so i'm getting all the bounced emails? am i correct?

Why 05-18-2003 01:14 PM
it has to do with the headers in your formmail, the email that all errors and bounces to is yours so they are all coming to you.

if you need help securing this hit me on icq.

psyko514 05-18-2003 01:15 PM
ok, nevermind, problem solved:
found this amongst all the bounced spam:

"There has been a security hole found that allows formail to be used by unauthorized persons. In effect allowing spam to be sent from your domain. This hole is found in the following scripts."

vending_machine 05-18-2003 01:18 PM
Quote:
Originally posted by psyko514
ok, nevermind, problem solved:
found this amongst all the bounced spam:

"There has been a security hole found that allows formail to be used by unauthorized persons. In effect allowing spam to be sent from your domain. This hole is found in the following scripts."
Yeah, get the latest formmail script and replace the one you have. The old ones have a serious security hole that spammers love :)


All times are GMT -7. The time now is 07:18 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123