[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] warning - early poprelay patch is invalid
- Subject: Re: [cobalt-security] warning - early poprelay patch is invalid
- From: "jbay" <jbay@xxxxxxxxxxxx>
- Date: Fri, 13 Jul 2001 13:21:40 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> http://members.iinet.net.au/~remmie/relay/
>
> and found that i was an open relay for the last week.
I think it's rather odd that this web page, when it finds a machine it can't
relay through (mine) reports:
"FAILURE - Unfortunately the program failed because...The host machine does
not relay"
"Unfortunately"!? hmmm. Well, this page looks like a good candidate for
spammers to use to look for relays. I've null-routed it here; I don't want
anyone looking at our machines via that domain period. And who knows what
it's doing with the data it collects on machines that DO relay. Nothing good
can come of having a page like that kicking around. For all we know, it
takes a 'positive' output and forwards it to a dozen spammer mailing lists.
abuse.org had something like that online at one time, I think, but now they
only let you check from the machine you suspect is open; go to shell prompt
on the suspect machine, and telnet relay-test.mail-abuse.org -- it'll tell
you if you're open.
also, the rpm you installed is out of date; the up-to-date one is
poprelayd-2.0-5.noarch.rpm, not poprelayd-2.0-4.noarch.rpm