Full Version: abuse issue : spam from this server
CrazyMaveric
Hi

I received an abuse notice from the abuse dept. that my server is sending spam mails & they were reported. When I contacted them to say that I never sent a mail, they gave me the reply below:

Dear Customer,
Thank you for your response. We understand that you may not be aware of the spam from this server. This issue is most likely the result of a third-party mailing application that creates its own outbound SMTP connection such as dark mailer or fake mailer. This activity may not be identified in the logs of your existing mail server software. Please keep investigating this issue and keep us updated.


Received: from MYSERVER.Com (senangnya.hatiku.apabila.kekasihku.sedang.disini.info [MY SERVER IP]) by rly-dc04.mx.aol.com (v124.15) with ESMTP id MAILRELAYINDC045-b194a6021a752; Fri, 17 Jul 2009 03:00:55 -0400


So please help me figure out this problem.

Thanks in advance
Tomy Durden
First, you'll want to make sure you don't have an open relay. Each mail daemon is different, but searching for "Open Relay <mail daemon>" will provide you with a few options for your specific case.

Second, you'll want to explore the option of DNS SPF, which will make it just a little bit harder to spoof emails from your domain using other relays: http://old.openspf.org/dns.html

Optionally, but recommended, you'll want to report to AOL's abuse address the IP address, the time, and any more information you have such as the header or contents of the reported email address.
James Jhurani
What the log snippet is showing is that a remote mail server received the email from your server.

Unfortunately, finding the source is not an easy task. Nor is it really something we can walk you through. A good place to start is taking a look at your mail queue. See what your users are sending intentionally, and/or unintentionally.

An alternative would be to have our Advanced Services team take a look.
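
Added example (not part of any post in this thread): the abuse department's reply in the first post attributes the spam to a mailer that opens its own outbound SMTP connections and so never shows up in the mail server's logs. The Python script below parses `ss -tnp` output and lists connections to remote port 25 that are owned by anything other than the MTA; the process names in `MTA_NAMES` and the sample socket lines are constructed assumptions.

```python
import re
import subprocess

# Assumption: names of the legitimate MTA processes on this host; adjust to your daemon.
MTA_NAMES = {"exim", "exim4", "sendmail", "master", "smtp", "qmail-remote"}
SMTP_PORTS = {"25"}
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')

# Constructed sample of `ss -tnp` lines (documentation address ranges, made-up PIDs).
SAMPLE = """\
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 203.0.113.10:48122 198.51.100.7:25 users:(("exim",pid=1432,fd=9))
ESTAB 0 0 203.0.113.10:51544 192.0.2.55:25 users:(("perl",pid=20771,fd=4))
ESTAB 0 0 [2001:db8::10]:51560 [2001:db8::25]:25 users:(("httpd",pid=3110,fd=17))
ESTAB 0 0 203.0.113.10:25 198.51.100.99:50211 users:(("exim",pid=1440,fd=6))
SYN-SENT 0 1 203.0.113.10:51570 192.0.2.80:25
"""

def find_rogue_smtp(ss_output, mta_names=MTA_NAMES):
    """Return (process, pid, peer) for outbound SMTP sockets not owned by the MTA."""
    findings = []
    for line in ss_output.splitlines():
        # Everything before "users:" is socket data; the rest names the owning processes.
        head, _, tail = line.partition("users:")
        fields = head.split()
        if len(fields) < 2:
            continue
        peer = fields[-1]
        # The port follows the last colon, which also holds for bracketed IPv6 peers.
        if peer.rsplit(":", 1)[-1] not in SMTP_PORTS:
            continue  # header, listener, inbound mail, or a non-SMTP connection
        # Without root, ss omits the owner of other users' sockets: report it as "?".
        owners = PROC_RE.findall(tail) or [("?", "")]
        for name, pid in owners:
            if name not in mta_names:
                findings.append((name, int(pid) if pid else None, peer))
    return findings

if __name__ == "__main__":
    # Live run on the server (as root, so every socket shows its owning process).
    live = subprocess.run(["ss", "-tnp"], capture_output=True, text=True).stdout
    for name, pid, peer in find_rogue_smtp(live):
        print(f"non-MTA process {name} (pid {pid}) is talking SMTP to {peer}")
```

A single snapshot only catches connections open at that moment, so run it repeatedly while the spam is going out. For each PID reported, `/proc/<pid>/cwd` and `/proc/<pid>/exe` show where the process is running from.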
CrazyMaveric
Hi

Thanks for the reply & help.

But I am very new to servers & I don't know how to do this.

Will you please guide me?

Thanks & regards
Tomy Durden
Unfortunately, I'm unable to guide you through the process as it's fairly complex, and it's not my expertise. Our Advanced Services group might be able to help you out, but they do charge a fee. They're always willing to give you a quote if you wish.
ajz4221
In the e-mail world, you really need to learn how to maintain a mail server or servers.
It is a major part of any business and takes a lot of work.
That applies for every application you maintain.

My suggestion would be to consider Tomy's option as your fix for now.
The longer you have spam flowing through your server, the harder it is going to be to get removed from RBLs.
Then after the above is fixed, get another server or build one at your office just like your production machine and start to play around. If you break something, start over; it's just a test environment. As long as you learn from mistakes and things that fail, then that is a good thing.
Also, I am sure there are different classes you can find that might help you learn a little more.

Just my 2 cents.