Jump to content

Exchange 5.5 open proxy help


datarepro

Recommended Posts

I have been listed for having 1). An open socks proxy 2). An open HTTP proxy on my Exchange 5.5 server.

I have spent some time here looking for configuration solutions to these issues, and have not found anything helpful. So either I have missed it, or not been able to find it.

So, if anyone is able to point me to the information to take care of the two problems, or has the help I need, I would appreciate any helpful items.

Thank you.

Link to comment
Share on other sites

If this is you haven't you been monitoring your abuse address?

Looks like this has been going on for a long time and many spammers have been using your server to send their spam.

If I were you I would unplug this machine from the net untill you get it fixed.

SPAMCOP SpamCop Blocking List: bl.spamcop.net -> 127.0.0.2

Blocked - see http://www.spamcop.net/bl.shtml?66.134.113.154

DSBLLIST Distributed Sender Boycott List: single-stage relays tested by trusted users: list.dsbl.org -> 127.0.0.2

http://dsbl.org/listing?66.134.113.154

DSBLUNCONFIRMED Distributed Sender Boycott List: single-stage relays, multihop relays and listings by anonymous users: unconfirmed.dsbl.org -> 127.0.0.2

http://dsbl.org/listing?66.134.113.154

PSBL Passive spam Block List: psbl.surriel.com -> 127.0.0.2

Listed in PSBL, see http://psbl.surriel.com/listing?ip=66.134.113.154

AHBL The Abusive Hosts Blocking List: dnsbl.ahbl.org -> 127.0.0.3

Open Proxy - http://www.ahbl.org/tools/lookup.php?ip=66.134.113.154

UCEPROTECTL1 UCEPROTECT®-Network Project - Level 1: dnsbl-1.uceprotect.net -> 127.0.0.2

Sorry, IP 66.134.113.154 is blacklisted at Level 1 by UCEPROTECT-Network see http://www.uceprotect.net

SORBS spam and Open Relay Blocking System: Aggregate zone: dnsbl.sorbs.net -> 127.0.0.2 -> 127.0.0.3

HTTP Proxy See: http://www.dnsbl.sorbs.net/lookup.shtml?66.134.113.154

SOCKS Proxy See: http://www.dnsbl.sorbs.net/lookup.shtml?66.134.113.154

SORBSHTTP List of Open HTTP Proxy Servers.: http.dnsbl.sorbs.net -> 127.0.0.2

HTTP Proxy See: http://www.dnsbl.sorbs.net/lookup.shtml?66.134.113.154

SORBSSOCKS List of Open SOCKS Proxy Servers.: socks.dnsbl.sorbs.net -> 127.0.0.3

SOCKS Proxy See: http://www.dnsbl.sorbs.net/lookup.shtml?66.134.113.154

DNSBLAUT1 Reynolds Technology Type 1: t1.dnsbl.net.au -> 127.0.0.2

http://dsbl.org/listing?66.134.113.154

66.134.113.154 See http://www.dnsbl.sorbs.net/cgi-bin/lookup?...=66.134.113.154

66.134.113.154 See http://dnsbl.ahbl.org/ and http://dnsbl.net.au/lookup/?ip=66.134.113.154

DNSBLAUDSBL Distributed Server Boycott List: dsbl.dnsbl.net.au -> 127.0.0.2

http://dsbl.org/listing?66.134.113.154

DNSBLAUSORBS External Block List - SORBS: sorbs.dnsbl.net.au -> 127.0.0.2

66.134.113.154 See http://www.dnsbl.sorbs.net/cgi-bin/lookup?...=66.134.113.154

Link to comment
Share on other sites

Yep, that's me. This really sucks. I work 45 hours a week on things other than being the network admin. And when SH** like this happens, I have to figure out why. I know it's a lame excuse from another incompetent network admin, but I at least I am trying to get it resolved.

Could not find anything to specifcally "fix" the proxy trouble in Exchange 5.5, and MS does not post much on 5.5 anymore.

I think I will trash it, and get a new OS.

Link to comment
Share on other sites

I have been listed for having 1). An open socks proxy 2). An open HTTP proxy on my Exchange 5.5 server.

I have spent some time here looking for configuration solutions to these issues, and have not found anything helpful.  So either I have missed it, or not been able to find it.

So, if anyone is able to point me to the information to take care of the two problems, or has the help I need, I would appreciate any helpful items.

Thank you.

24074[/snapback]

AIUI Exchange was never designed to be, and never should be connected directly to the internet. Wiser people than me have said that the only real solution is to put a 'nix box between it and that plug in the wall!

Link to comment
Share on other sites

I doubt the nix box will help if the spammers are authenticating themselves.

That is where your problem is, they are using an SMTP AUTH Hack. The mail even though it is wrong it is still being sent through your exchange box because the perps have authenticated themselves as a proper user.

Good luck and keep us posted.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...