Email security question - X Nations
      
      
Main Forum Resources Arcade
Go Back   X Nations > X Nations > General Webmaster Business and Discussions
Reload this Page Email security question

Reply
 
Thread Tools Display Modes
Old 04-18-2003, 01:26 AM   #1
Danbo
Danbo should edit this
Is this thing on?
 
Danbo's Avatar
 
Join Date: Apr 2003
Location: Portland, OR
Posts: 15
xBucks: 337
Send a message via ICQ to Danbo
Default Email security question
Hi!

If anyone knows - how can I find out where someone is sending emails from? Some asshole is sending spam through my server somehow - I'm getting returned emails with madeup email addresses on my domain - I can lock them out of the server, but I can't figure out who to lock out, since the emails come back with my domain as the point of origin! Help!!
__________________
<p style="margin-top: 0; margin-bottom: 0"><font size="2" face="Verdana">
<a href="http://www.xrecips.com">Link Intelligently.</a></font><BR><BR><A HREF="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;button=NonSSI;page=567069" TARGET="_blank"><IMG SRC="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;page=567069" WIDTH=120 HEIGHT=60 BORDER=0></A>
Danbo is offline   Reply With Quote
Old 04-18-2003, 10:35 AM   #2
Evil Chris
Evil Chris is drinking Heineken
Clone of myself
 
Evil Chris's Avatar
 
Join Date: Aug 2002
Location: Montreal
Posts: 12,983
xBucks: 323,222
Send a message via ICQ to Evil Chris Send a message via AIM to Evil Chris Send a message via Skype™ to Evil Chris
Default
Hey Danbo... sounds as though someone is spoofing mass mailings through your mail server. Get with your ISP tech staff and they can stop it.
__________________

Our Experience Payze
chris at payze.com | ICQ 342827
Evil Chris is offline   Reply With Quote
Old 04-18-2003, 10:40 AM   #3
Mister X
Mister X should edit this
FunB Fan Club Prez
 
Mister X's Avatar
 
Join Date: Aug 2002
Location: Montreal baby!
Posts: 1,997
xBucks: 10,523
Send a message via ICQ to Mister X
Default
You need to be checking your server logs. You should be able to get the ip address that way. And you might want to look at the way sendmail is configured.
__________________
<table width="95%" border="0"><tr><td><font size="-2"><a href="http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=923906-0000&PA=462029&HTML=http://www.eromodelcash.com">Eromodel Cash. Promote it now!</a></font></td><td><div align="right"><font size="-2"><a href="http://www.eromodelgroup.com">Eromodel Group- for ALL your needs </a></font></div></td><td width="125" rowspan="3"><div align="right"><a href="http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=923906-0000&PA=462029&HTML=http://www.eromodelcash.com"><img src="http://www.eromodelcash.com/Banner/00102.gif" width="120" height="60" border="0"></a></div></td></tr><tr><td width="40%"><font size="-2"><a href="http://www.lannibarbie.com">Lanny Barbie is THE Hottest New Pornstar</a></font></td><td><div align="right"><font size="-2"><a href="mailto:stewREMOVE@eromodelgroup.com?Subject= Hi%20There">Contact Me</a></font></div></td></tr><tr><td><a href="http://www.judystarxxx.com"><font size="-2">JudyStarXXX.com</font></a></td><td><div align="right"><font size="-2">ICQ #165144564</font></div></td></tr></table>
Mister X is offline   Reply With Quote
Old 04-18-2003, 12:55 PM   #4
Danbo
Danbo should edit this
Is this thing on?
 
Danbo's Avatar
 
Join Date: Apr 2003
Location: Portland, OR
Posts: 15
xBucks: 337
Send a message via ICQ to Danbo
Default
Quote:
Originally posted by Mister X
You need to be checking your server logs. You should be able to get the ip address that way. And you might want to look at the way sendmail is configured.
I'm so dumb! I've checked my server logs, but I don't really know what I'm looking for - how do I determine (if anyone knows) which IP is the offender?

Also, I've contacted my ISP - they told me to report it to their 'abuse' center, but even they can't figure out how this guy is doing it!! My sendmail program is set up properly, all of my security is in place - I guess my question is: HOW? How is this person able to spoof my server like this, without access to any of the secure areas of the server?
__________________
<p style="margin-top: 0; margin-bottom: 0"><font size="2" face="Verdana">
<a href="http://www.xrecips.com">Link Intelligently.</a></font><BR><BR><A HREF="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;button=NonSSI;page=567069" TARGET="_blank"><IMG SRC="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;page=567069" WIDTH=120 HEIGHT=60 BORDER=0></A>
Danbo is offline   Reply With Quote
Old 04-18-2003, 01:09 PM   #5
Feynman
Feynman should edit this Edit
Guest
 
Posts: n/a
xBucks: 0 [Check]
Default
Check out http://samspade.org/

Download the application, it's fantastic.

Also, read the stuff in their library section. You'll find there all you want to know.
  Reply With Quote
Old 04-18-2003, 06:16 PM   #6
Danbo
Danbo should edit this
Is this thing on?
 
Danbo's Avatar
 
Join Date: Apr 2003
Location: Portland, OR
Posts: 15
xBucks: 337
Send a message via ICQ to Danbo
Default
Quote:
Originally posted by Feynman
Check out http://samspade.org/
Download the application, it's fantastic.
Also, read the stuff in their library section. You'll find there all you want to know.
Thanks, I caught the little prick!

I used Traceroute and IPWhois and found him on SBC's network - they cut off his internet service, shut down his website, and reported him to the FBI!! Awesome!!

Once again, thanks to all who helped - this was a tough nut to crack! The only bad thing is, it can happen again - as I've learned today, there is no such thing as 'total' security...just have to keep on guard!!
__________________
<p style="margin-top: 0; margin-bottom: 0"><font size="2" face="Verdana">
<a href="http://www.xrecips.com">Link Intelligently.</a></font><BR><BR><A HREF="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;button=NonSSI;page=567069" TARGET="_blank"><IMG SRC="http://sigswap.com/cgi-bin/swap/ads.pl?member=danbo;page=567069" WIDTH=120 HEIGHT=60 BORDER=0></A>
Danbo is offline   Reply With Quote
Old 04-18-2003, 08:11 PM   #7
Mister X
Mister X should edit this
FunB Fan Club Prez
 
Mister X's Avatar
 
Join Date: Aug 2002
Location: Montreal baby!
Posts: 1,997
xBucks: 10,523
Send a message via ICQ to Mister X
Default
Congrats on nailing the sucker! Sendmail is never going to be 100% secure so if you don't actually need it you should consider getting it disabled.
__________________
<table width="95%" border="0"><tr><td><font size="-2"><a href="http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=923906-0000&PA=462029&HTML=http://www.eromodelcash.com">Eromodel Cash. Promote it now!</a></font></td><td><div align="right"><font size="-2"><a href="http://www.eromodelgroup.com">Eromodel Group- for ALL your needs </a></font></div></td><td width="125" rowspan="3"><div align="right"><a href="http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=923906-0000&PA=462029&HTML=http://www.eromodelcash.com"><img src="http://www.eromodelcash.com/Banner/00102.gif" width="120" height="60" border="0"></a></div></td></tr><tr><td width="40%"><font size="-2"><a href="http://www.lannibarbie.com">Lanny Barbie is THE Hottest New Pornstar</a></font></td><td><div align="right"><font size="-2"><a href="mailto:stewREMOVE@eromodelgroup.com?Subject= Hi%20There">Contact Me</a></font></div></td></tr><tr><td><a href="http://www.judystarxxx.com"><font size="-2">JudyStarXXX.com</font></a></td><td><div align="right"><font size="-2">ICQ #165144564</font></div></td></tr></table>
Mister X is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

X Nations Adult Webmasters - Archive - Top
Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
2013 - xnations.com
All times are GMT -4. The time now is 11:33 PM.
Skin by vBCore.com