You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Moshe Gurvich <mo...@kabbalah.com> on 2004/08/10 19:23:43 UTC
Fwd: ezmlm warning
Forwarded is a message i have received.
It looks like some infected box tried to send a virus with
forged From: <sp...@incubator.apache.org>
To: <mo...@kabbalah.com>
Of course our mail server didn't accept the message, it was bounced, so ezmlm
threatens to remove my address from mailing list, because of this bounce.
Can this effectively render DoS attack?
Thank you
---------- Forwarded Message ----------
Subject: ezmlm warning
Date: Tuesday 10 August 2004 10:08 am
From: spamassassin-users-help@incubator.apache.org
To: moshe.gurvich@kabbalah.com
Hi! This is the ezmlm program. I'm managing the
spamassassin-users@incubator.apache.org mailing list.
Messages to you from the spamassassin-users mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the spamassassin-users mailing list,
without further notice.
I've kept a list of which messages from the spamassassin-users mailing list
have bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<sp...@incubator.apache.org>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<sp...@incubator.apache.org>
Here are the message numbers:
13395
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 72665 invoked for bounce); 29 Jul 2004 21:36:01 -0000
Date: 29 Jul 2004 21:36:01 -0000
From: MAILER-DAEMON@apache.org
To: spamassassin-users-return-13395-@incubator.apache.org
Subject: failure notice
Hi. This is the qmail-send program at apache.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<mo...@kabbalah.com>:
64.239.129.105 failed after I sent the message.
Remote host said: 550 5.7.1 Message content rejected, id=13838-1 - BANNED:
P=p001,M=text/plain,T=asc | P=p002,N=document.pif
-------------------------------------------------------
Re: Fwd: ezmlm warning
Posted by Dougie Nisbet <do...@highmoor.co.uk>.
On Tuesday 10 August 2004 18:23, Moshe Gurvich wrote:
>
> Of course our mail server didn't accept the message, it was bounced, so
It wasn't bounced, it was rejected...
:-)
Re: Fwd: ezmlm warning
Posted by Robert Menschel <Ro...@Menschel.net>.
Hello Moshe,
Tuesday, August 10, 2004, 10:23:43 AM, you wrote:
MG> Forwarded is a message i have received.
MG> It looks like some infected box tried to send a virus with
MG> forged From: <sp...@incubator.apache.org>
MG> To: <mo...@kabbalah.com>
MG> Of course our mail server didn't accept the message, it was bounced, so ezmlm
MG> threatens to remove my address from mailing list, because of this bounce.
MG> Can this effectively render DoS attack?
That depends on the ezmlm parameters.
If there's a point at which ezmlm terminates subscribers because of such
rejects, without doing that "test message, then probe" thing, then yes,
that could be a DoS.
However, if ezmlm always sends the test message, then even if 5k messages
with viruses, illegal attachments (*.eml), etc., get rejected, ezmlm will
send you the test message, which won't bounce, and everything will
continue the way it should.
Bob Menschel