[Mimedefang] New spammer trick?

Justin justin at othius.com
Wed Nov 26 20:24:16 EST 2003


On Wed, 26 Nov 2003, Jim McCullars wrote:
> On Wed, 26 Nov 2003, Ben Kamen wrote:
>
> > In argument though - one of the prime sources I get spam from is
> > rr.com from both the consumer and biz IP's.
> >
> > rr.com has been a singular pain the in butt in terms of spam for me.
>
>    Same here.  Their security site claims that they scan customers for
> relay vulnerabilities, but we get spammed by them all the time.

Running a private mail service for family & friends through an rr.com
dynamic IP, I have three things to say:

 1) Please dont block my mail :(
 2) rr.com *does* scan their customers. They scan about seven different
ports, and if they find an SMTP listener they will open-relay test it with
several messages. Once a week my periodic mails show their failed
attempts to relay through me. I assume they test the other ports similarly
if they're found to be open (CONNECT attempts on 8080, for instance).
 3) I much prefer this to any sort of inbound port blocking.

And, not that I want one, but how did you guys get rr.com e-mail
addresses? Twice the only thing the cable guy has done is leave me a modem
when left me the cable box, and twice I have connected it myself, never
hearing from them again.

 -Justin



More information about the MIMEDefang mailing list