LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: need help error messages

Kevin Parris <[log in to unmask]>

Wed, 12 Apr 2006 10:05:20 -0400

text/plain (64 lines)

We would need to see the original message that came with the error
report, in order to gain any real clues about what may be going on.  A
possible scenario is one of your subscribers has picked up a virus which
has used your list-address in the From: field of the messages it
generates, and your list/site is seeing various responses to some of
that from places your list has never been, but where your infected
subscriber has gone.

I've actually seen traffic addressed to some of the lists here saying
"you are not allowed to post" to lists on other sites we have no contact
with - but sometimes the names are such that I can recognize why some of
our subscribers would be subscribed there too.... hence both our lists
and the other site's lists are in a common address book for viruses or
spam engines to play with. In other words, the virus/spammer generated a
message with a list here as the From: and a list there as the To:
value.

Your list might also have been found worthy of inclusion in one or
another spammer address list somewhere, some of the lists here have
gained this wretched honor.

>>> [log in to unmask] 4/11/2006 9:13:23 PM >>>
Hello LISTSERV,

Within the last week, I've been getting reports from the system that
some messages could not be delivered.  But the undeliverable messages
were FROM someone I've never heard of and it's clearly spam and I don't
even know how my particular list is involved.  Here's one of the error
messages (to which the bogus message was attached):

The enclosed message, found in the ZFW-TMU mailbox and shown under the
spool ID
25704  in the  system log,  has been  identified as  a possible 
delivery error
notice for  the following reason: mail  origin is listed in  the
"Filter=" list
header keyword (or its default value for the ZFW-TMU list).

At the same time I started getting these, I started getting monitor
reports from the same list on subscribers who - well, they're NOT
subscribed.

Example:

The following 2 subscribers are currently being monitored: 
Err First Last  Address
--- ----- ----- -------
  1 04/08 04/08 [log in to unmask] 
                Last error: 5.1.1 Unspecified; usually "Bad destination
mailbox
                            address"

  1 04/08 04/08 [log in to unmask] 
                Last error: 5.0.0 X-Postfix; unknown user: "abhilasha"


Again, neither of these addresses are subscribed to the list in
question.
Interesting but how do I stop this?  

-- 
Best regards,
 Tim

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM