Relay for spam?

Bill Stanley bstanle at wowway.com
Wed May 18 19:31:10 UTC 2011 

   <<< snip >>>

> Who is your ISP? Do they supply you with a fixed IP address or a dynamic
> one?
>
> Are they basing this just on your email address being used for spam? Or
> is it you IP address?  This is important because email addresses can be
> spoofed, so almost anyone can send an email 'From' you.  If you use
> Evolution, go into Edit>  Preferences>  select your default account>
> Edit, then put ajp at princeswalk.fsnet.co.uk in the Email address box and
> you will be sending all your mail 'From' me.  Its as easy as that!  I
> know because I have one of the most comprehensively spoofed email
> addresses around, if the non-delivery notices I've been getting lately
> from various Russian email servers is anything to go on.
>
> I don't believe that your ISP would not be so naive as to think your
> email address alone indicates you as the spam source, so if the email
> from your ISP is not a hoax, then they must be identifying the spam from
> the IP address they have given you.  So you either have an open proxy or
> a SMTP mail sever (which sends mail) set up as an open relay.
>
> A proxy server usually is set up so that people on the internal IP
> addresses of a network can access the internet.  An open proxy allows
> anyone on the world wide web who happens to know your IP address to use
> that proxy server. (I talk from bitter experience!)  Unfortunately, they
> don't just use it to browse the web (although it would be a way to
> access illegal pornographic content) but use various http commands to
> relay mail.
>
> By default, SMTP mail servers should not be set up to relay mail.  So
> the mail server I administered only sent out mail originating from our
> internal IP addresses and not 'relay' mail from other external IP
> addresses.  But SMTP mail servers are very easy to set up.  Most Windows
> viruses that send spam have there own built in SMTP mail servers.  Even
> OpenOffice.org/LibreOffice has a built-in SMTP server to send its
> mail-merge emails.
>
> You can go to a site like SORBS (http://www.au.sorbs.net/lookup.shtml)
> to check if your IP address has been identified as an open proxy or an
> open relay.  Sites like Spamcop collect spam emails from people to
> identify IP addresses sending spam and inform ISPs of them. They also
> have a black-list lookup at http://www.spamcop.net/bl.shtml.
>
> So have a word with your ISP and ask them on what basis are the saying
> you are a spammer.  They should know if you are an open proxy or open
> relay.  Let us know what they say so we can help you further.
>

I did check with my ISP and they checked the emails sent from my email 
account and they said they found nothing was unusual.  It obviously was 
a hoax and the attachment, that I never saw was probably deleted by the 
ISP, was probably booby trapped hoping that I opened the attachment and 
this computer was a Windoze machine.

To answer your questions...
1   I use Wowway as my ISP.
2.  I do not have a fixed IP number (The ISP probably uses NAT.
3.  I have a couple email addresses associated with this ISP accounts
     The email address I use for personal emails is not affected so I
     suspect someone is spoofing the email address that I use on this
     forum.
3.  The email client I use is Thunderbird.


Bill Stanley

More information about the ubuntu-users mailing list