[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
[LI] Re: Proposals for LI at IT.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello
We at the Coalition Against Unsolicited E-Mail ( CAUCE -
http://www.cauce.org ) have recently formed a chapter in India.
Briefly, CAUCE is a voluntary organization dedicated to fighting spam
(unsolicited commercial / bulk email).
We would like to give a short presentation (or request you people -
especially the Bangalore Linux User Group) to focus on this at the
IT.COM expo.
India is a ticking time bomb - with a huge number of anonymous open
relays (mostly outdated sendmail boxes, insecure Exchange / cc:Mail
networks ...) ready and waiting for the first spammer to misuse them.
- - From my participation in various anti spam groups, and my personal
experience, India is, sadly, becoming a favourite hunting ground for
spammers searching for open relay SMTP servers to relay their spam
through.
Recent examples include -
- - ---------------
[1] BARC - the most well documented case. MilW0rm used several well
documented security holes in the ancient version of sendmail BARC was
running to break in, delete mails etc etc.
[2] tifr.res.in (Tata Institute of Fundamental Research)-
SMI/SVR4, AIX 3.x etc boxes, recently hit by a spammer - leading to a
server crash. The spammer has since been identified by a member of the
SpamL mailing list [*] and I have passed this info to TIFR's syadmin for
further action.
[*] SpamL - mailto:spam-l@xxxxxxxxxxxxxxxxxxxx is an anti spam list of
mail admins / sysadmins of ISPs (like Earthlink / Digex / PSI) / backbone
providers (UUNet) / Web hosts (Verio / Concentric etc) .... as well as
ordinary users who are concerned about the spam problem.
[3] kar.kar.nic.in (National Informatics Center, Bangalore)
SMI/SVR4 box - hit by a spammer. and listed on an anti spam
blacklist called the MAPS RBL (Realtime Blackhole List)
<http://maps.vix.com/rbl/candidacy.html> which shut them off from
over 40% of the Internet.
They have now (after I pointed them to a few resources re this)
upgraded their box to sendmail 8.9.3 and will shortly be delisted from the
RBL.
[3] giascla.vsnl.net.in - VSNL Calcutta - SMI/SVR4 box. No response
from them yet (even after forwarding a copy with full headers) of the
spam, info on how to close their open relays etc etc.
[4] mailbg.vsnl.net.in - VSNL Bangalore. SMI/SVR4 or even older
version of sendmail. No response yet - same as their colleagues in
Calcutta.
etc etc etc.
In fact, a prominent Indian computer mag is running open relays I
pointed this out to them (using the only listed address I have - )
several weeks ago. No response yet.
- - ----------------
We would like to give a short presentation (or request you people -
especially the Bangalore Linux User Group) to focus on this at the
IT.COM expo.
I hope you see the urgency of this problem and will help me (or rather the
entire Internet community in India) in this matter.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
iQA+AwUBOBLqCJqQidQMDLaoEQIWFACYuoojEsv24fFO5PVZ43bag0rZswCgozR0
da1bURt1ZlMUE8n80YAPDmg=
=tBMH
-----END PGP SIGNATURE-----
Smeagol Gollum | Smeagol@xxxxxxxxxxxx | (aka) Suresh R.
http://www.kcircle.com | http://www.angen.net/~pegasus/
Phone: +(91-40)3736553/3745398 | eFax: +(1-603)590-5437
Headline for the day:
Two convicts evade noose - jury hung
--------------------------------------------------------------------
The Linux India Mailing List Archives are now available. Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.