- From: Sean Luke <seanl@cs.umd.edu>
- Date: Sat, 12 Aug 2000 14:20:09 -0400 (EDT)
- To: www-rdf-interest@w3.org
Sorry for posting this to the group, but I'm not sure what administrative address at W3C is supposed to get this.

I've been getting some spam from www-rdf-interest lately; here's the latest. So I did a little checking, and discovered, holy cow, that W3C, of all organizations, has open mail relays. That's GOT TO GET FIXED IMMEDIATELY. I can just see W3C being added to MAPS and ORBS; that'd be guaranteed an ironic front-page story on Red Herring and Wired. :-)

W3C's relays are (this is just amazing) semi-open: they don't allow you to send mail if you say you're from an address outside of W3C, but if you just say you're some address inside, then you're let right on through. Spammers have figured out this little bit of software stupidity in a lot of sites, and are abusing it for email lists. The proper way to close the relay is to get software which actually checks your IP address; that's guaranteed except in the event of spoofing.

The spammer simply said he was from www-rdf-interest-request@rdf.org. It's easily repeatable on the victimized box (www18), try it yourself:

    yo> telnet www18.w3.org 25
    Trying 18.29.0.19...
    Connected to www19.w3.org.
    Escape character is '^]'.
    220 www19.w3.org ESMTP Sendmail 8.9.0/8.9.0; Sat, 12 Aug 2000 14:06:50 -0400 (EDT)
    MAIL FROM: www-rdf-interest-request@w3.org
    250 www-rdf-interest-request@w3.org... Sender ok
    RCPT TO: www-rdf-interest@w3.org
    250 www-rdf-interest@w3.org... Recipient ok

And we're in! If the open relay was properly configured as closed, this last line would read:

    550 www-rdf-interest@w3.org... Relaying denied

Doing some playing with numbers, here's another one:

    yo> telnet www12.w3.org 25
    Trying 18.29.1.22...
    Connected to slow1.w3.org.
    Escape character is '^]'.
    220 slow1.w3.org ESMTP Sendmail 8.8.8+Sun/8.8.8; Sat, 12 Aug 2000 14:04:33 -0400 (EDT)
    MAIL FROM: www-rdf-interest-request@w3.org
    250 www-rdf-interest-request@w3.org... Sender ok
    RCPT TO: www-rdf-interest@w3.org
    250 www-rdf-interest@w3.org... Recipient ok

Here's the forwarded spam, in case anyone didn't get it :-)

Sean

---------- Forwarded message ----------
Received: from ringding.cs.umd.edu (ringding.cs.umd.edu [128.8.126.2])
    by scruffy.cs.umd.edu (8.9.3/8.9.1) with ESMTP id NAA20550
    for <seanl@drinkme.cs.umd.edu>; Sat, 12 Aug 2000 13:39:28 -0400 (EDT)
Received: from mimsy.cs.umd.edu (mimsy.cs.umd.edu [128.8.128.8])
    by ringding.cs.umd.edu (8.9.3/8.9.1) with ESMTP id NAA18388
    for <seanl@ringding.cs.umd.edu>; Sat, 12 Aug 2000 13:39:27 -0400 (EDT)
Received: from www19.w3.org (www19.w3.org [18.29.0.19])
    by mimsy.cs.umd.edu (8.9.3/8.9.1) with ESMTP id NAA24741
    for <seanl@cs.umd.edu>; Sat, 12 Aug 2000 13:39:26 -0400 (EDT)
Received: (from daemon@localhost)
    by www19.w3.org (8.9.0/8.9.0) id IAA07248; Sat, 12 Aug 2000 08:01:15 -0400 (EDT)
Resent-Date: Sat, 12 Aug 2000 08:01:15 -0400 (EDT)
Resent-Message-Id: <200008121201.IAA07248@www19.w3.org>
Date: Sat, 12 Aug 2000 08:00:20 -0400
Message-Id: <200008121200.IAA18544@tux.w3.org>
From: Please read this carefully!<inet-commerceman@e-com.net>
To: www-rdf-interest@w3.org
Mime-Version: 1.0
Subject: Do You want to earn $3000-$4000 or more per month?
Resent-From: www-rdf-interest@w3.org
X-Mailing-List: <www-rdf-interest@w3.org> archive/latest/1225
X-Loop: www-rdf-interest@w3.org
Sender: www-rdf-interest-request@w3.org
Resent-Sender: www-rdf-interest-request@w3.org
Precedence: list
Content-Type: multipart/mixed; boundary="====================54535yqrgwf===="
Content-Length: 89129

Have a nice day! Do You want to earn about $3000 per month? If yes just read this e-mail(business_eng.txt)! It's very easy and absolutely FREE!!! Good luck!!! Please excuse me if this e-mail disturbed You.

------------------------------------------------------------------------------------------------

I wish you a pleasant and successful day!
This is a way to earn money without leaving your monitor ;-) If you show some interest and patience (and, most importantly, figure out how THIS works), you can earn good money (up to 50.000$ and more!!!, it depends only on you) within the next 90 days. SEEMS IMPOSSIBLE?? Read the document business_rus.txt and you will see that there is no trick or deception in it. If you are completely lazy (please forgive the assumption!!!), then this is not for you!!! Better go surfing, or click on banners, or do nothing at all. If anything is unclear, I will gladly explain.

Respectfully, Igor.

!!!If the offer did not interest you at all, I apologize, and there is no need to be angry ("spam" has its costs, just like radio and TV), but do not forget what the first US billionaire Andrew Carnegie said: "I would rather earn 1% from the efforts of 100 people than 100% from my own efforts."

P.S. The attached document has been checked for viruses, "Trojans" and other "nasties".

You will set out on the path to financial independence and FREEDOM!! DON'T MISS THIS OPPORTUNITY! IT COSTS NOTHING, SO WHY NOT TRY?
Received on Saturday, 12 August 2000 14:20:11 UTC
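
The difference the message draws between checking the claimed sender and checking the connecting IP address, as an added example that is not part of the original post or of any W3C or Sendmail configuration. The domain `example.org`, the trusted network `192.0.2.0/24`, the function names and the sample sessions are all constructed for illustration, and the replies model only a recipient the server would have to relay.

```python
import ipaddress

# Assumed values for this example only (documentation ranges and domains).
LOCAL_DOMAIN = "example.org"
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]

def sender_domain(mail_from):
    """Lower-cased domain of an envelope sender, or '' if it has none."""
    addr = mail_from.strip().strip("<>")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def allow_by_claimed_sender(client_ip, mail_from):
    """Semi-open check: believes whatever MAIL FROM the client typed."""
    return sender_domain(mail_from) == LOCAL_DOMAIN

def allow_by_client_ip(client_ip, mail_from):
    """Closed check: only the connecting address decides; MAIL FROM is ignored."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in TRUSTED_NETS)

def rcpt_reply(policy, client_ip, mail_from, rcpt_to):
    """Reply to RCPT TO, in the style of the transcripts in the message."""
    if policy(client_ip, mail_from):
        return f"250 {rcpt_to}... Recipient ok"
    return f"550 {rcpt_to}... Relaying denied"

# Constructed sessions: (connecting IP, MAIL FROM, RCPT TO)
SESSIONS = [
    ("203.0.113.50", "list-request@example.org", "someone@example.net"),  # outside host, forged inside sender
    ("192.0.2.10", "staff@example.org", "someone@example.net"),           # inside host, inside sender
    ("203.0.113.50", "outsider@example.com", "someone@example.net"),      # outside host, outside sender
    ("192.0.2.10", "alias@example.com", "someone@example.net"),           # inside host, outside sender
]

def compare():
    """Return (semi-open reply, closed reply) for each constructed session."""
    return [
        (rcpt_reply(allow_by_claimed_sender, ip, frm, to),
         rcpt_reply(allow_by_client_ip, ip, frm, to))
        for ip, frm, to in SESSIONS
    ]

if __name__ == "__main__":
    for session, (weak, strict) in zip(SESSIONS, compare()):
        print(session[0], session[1])
        print("  sender-based:", weak)
        print("  ip-based:    ", strict)
```

Only the first session differs in a way that matters for abuse: the sender-based check accepts a forged inside address from an outside host, while the IP-based check refuses it.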