[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

[LI] Re: Proposals for LI at IT.COM



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello

We at the Coalition Against Unsolicited E-Mail ( CAUCE - 
http://www.cauce.org ) have recently formed a chapter in India.  

Briefly, CAUCE is a voluntary organization dedicated to fighting spam
(unsolicited commercial / bulk email).

We would like to give a short presentation (or request you people -
especially the Bangalore Linux User Group) to focus on this at the
IT.COM expo.  

India is a ticking time bomb - with a huge number of anonymous open
relays (mostly outdated sendmail boxes, insecure Exchange / cc:Mail
networks ...) ready and waiting for the first spammer to misuse them.

- - From my participation in various anti spam groups, and my personal
experience, India is, sadly, becoming a favourite hunting ground for
spammers searching for open relay SMTP servers to relay their spam
through.

Recent examples include -

- - ---------------

[1] BARC - the most well documented case.  MilW0rm used several well
documented security holes in the ancient version of sendmail BARC was
running to break in, delete mails etc etc.

[2] tifr.res.in (Tata Institute of Fundamental Research)- 

SMI/SVR4, AIX 3.x etc boxes, recently hit by a spammer - leading to a
server crash.  The spammer has since been identified by a member of the
SpamL mailing list [*] and I have passed this info to TIFR's syadmin for
further action.

[*] SpamL - mailto:spam-l@xxxxxxxxxxxxxxxxxxxx is an anti spam list of
mail admins / sysadmins of ISPs (like Earthlink / Digex / PSI) / backbone
providers (UUNet) / Web hosts (Verio / Concentric etc) .... as well as
ordinary users who are concerned about the spam problem.

[3] kar.kar.nic.in (National Informatics Center, Bangalore) 

SMI/SVR4 box - hit by a spammer.  and listed on an anti spam 
blacklist called the MAPS RBL (Realtime Blackhole List) 
<http://maps.vix.com/rbl/candidacy.html> which shut them off from 
over 40% of the Internet.  

They have now (after I pointed them to a few resources re this)
upgraded their box to sendmail 8.9.3 and will shortly be delisted from the
RBL.

[3] giascla.vsnl.net.in - VSNL Calcutta - SMI/SVR4 box.  No response
from them yet (even after forwarding a copy with full headers) of the
spam, info on how to close their open relays etc etc.

[4] mailbg.vsnl.net.in - VSNL Bangalore.  SMI/SVR4 or even older
version of sendmail.  No response yet - same as their colleagues in
Calcutta.

etc etc etc.  

In fact, a prominent Indian computer mag is running open relays I 
pointed this out to them (using the only listed address I have - ) 
several weeks ago.  No response yet.  

- - ----------------

We would like to give a short presentation (or request you people - 
especially the Bangalore Linux User Group) to focus on this at the  
IT.COM expo.   

I hope you see the urgency of this problem and will help me (or rather the
entire Internet community in India) in this matter.



-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 

iQA+AwUBOBLqCJqQidQMDLaoEQIWFACYuoojEsv24fFO5PVZ43bag0rZswCgozR0
da1bURt1ZlMUE8n80YAPDmg=
=tBMH
-----END PGP SIGNATURE-----

Smeagol Gollum | Smeagol@xxxxxxxxxxxx | (aka) Suresh R.
http://www.kcircle.com | http://www.angen.net/~pegasus/
Phone: +(91-40)3736553/3745398 | eFax: +(1-603)590-5437
Headline for the day:
   Two convicts evade noose - jury hung

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.