In a message written on Fri, Oct 10, 2003 at 11:59:56AM -0400, Scott Stursa wrote:
They are blocking only the server where we put undergraduate accounts, over 60% of which have forwarding set, most frequently to Hotmail, Yahoo and AOL accounts. When the spam volume coming in here gets too high, our server *appears* to be an open relay (which it is not).
This happens to my server a couple of times a week, but I've noticed a slightly different pattern. I also run a mail forwarding service. What I notice is Yahoo seems to delete a few accounts (not sure if this is an inactive deletion, suspension, user closing, or what, all I know is it delivers right before, and then gets "user unknown" right after). About 10-30 minutes later, typically from a few spams to the user-unknown addresses, the server gets blocked with "too many attempts to unknown addresses". Now, here's the problem, it now returns that for every yahoo e-mail. So all the other people with forwards break, and more importantly there is _NO_ way to tell what userid's are valid or not, short of going back through the logs and finding the 10-30 minute window where you got user unknown. It can be a large amount of work. It also of course backs up mail queues since they are returning temporary errors for everything. I have never had a similar problem with AOL or hotmail. I submitted requests for help via their web form and they were just ignored. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org