August 6th, 2009 by Stargazer
Is it me John Wayne, is it you?
Some spammers can really drive you mad – especially if they are doing things like that. Looking at my mailserver logs I have found some strange IP addresses like 123.27.3.81, 222.252.80.188 or 123.16.13.188 which are resolving to ‘localhost’ regarding to their reverse DNS. In other words, a bad configured mailserver thinks that the mail comes from itself and offers special treatment to that messages – which usually means they bypass the spamfilter. The problem can be solved quite simple by using ’127.0.0.1′ instead of ‘localhost’ in your configuration files and you got green conditions again.
This entry was posted on Thursday, August 6th, 2009 at 12:20 and is filed under Malware. Tags: mail, spam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
[lang_de]Reverse DNS heisst doch, dass der Provider da auch drin steckt? Zumindest der Admin des Netzes…?[/lang_de][lang_en]Messing with the reverse dns is evil. But isn’t that something the IP Range owner got to do?[/lang_en]
[lang_de]Normalerweise bieten Hosting-Provider Web-Interfaces an um sowas einzustellen. Es stellt sich nun die Frage wer da dran schuld ist. Die IPs scheinen aus dem Vietnam zu kommen. Das sollte Einiges erklären…[/lang_de][lang_en]Usually big hosting providers are offering web interfaces for setting up reverse dns entries. So the question is, who’s fault it really is. Nevertheless – the IPs seem to be located in Vietnam which explains quite a few things…[/lang_en]