xtra mail server - is this mail delivery system message genuine

Discussion in 'NZ Computing' started by nod, Oct 21, 2007.

  1. nod

    nod Guest

    I have just received an email
    from Mail Delivery System
    to
    subject Undelivered Mail Returned to Sender

    with an attachment Tatyana from Russia(4.11KB) which I have not
    opened


    The reason I am puzzled is because although I maintain a minimal xtra
    account and still receive a few emails through it, a couple of months
    ago I switched to IHUG and cannot now send emails out through xtra
    unless I go to their webmail page which I have not done for two
    months.

    The message is:

    This is the mail system at host akvs4.plain.net.nz.

    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to postmaster.

    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.

    The mail system

    <>: host 210.54.239.243[210.54.239.243] said: 550 No
    such
    recipient (in reply to RCPT TO command)

    Is this a genuine message? OR is it a clever way to get me to open
    the attachment ?

    If it is genuine then what is happening on the xtra mail server that
    emails are being sent out from me ?

    I am not interested in further lambasting Xtra - - I am interested in
    how the mail servers work that would explain how this could have
    happened.

    Thanks

    N
     
    nod, Oct 21, 2007
    #1
    1. Advertising

  2. On Mon, 22 Oct 2007 11:04:45 +1300, nod wrote:

    > The reason I am puzzled is because although I maintain a minimal xtra
    > account and still receive a few emails through it, a couple of months
    > ago I switched to IHUG and cannot now send emails out through xtra
    > unless I go to their webmail page which I have not done for two
    > months.


    For quite some time now Telecom/Xtra has prevented people from using its
    SMTP server unless you were connecting to it from within its network.

    To be fair, Telecom is not the only ISP to do this. However, it is very
    inconvenient for its customers who also use some other ISP.


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 21, 2007
    #2
    1. Advertising

  3. nod

    EMB Guest

    nod wrote:

    > I am not interested in further lambasting Xtra - - I am interested in
    > how the mail servers work that would explain how this could have
    > happened.


    You've been joe jobbed.

    http://en.wikipedia.org/wiki/Joe_job
     
    EMB, Oct 21, 2007
    #3
  4. nod

    nod Guest

    On 22 Oct 2007 11:12:53 +1300, Jonathan Walker <>
    wrote:

    >On Mon, 22 Oct 2007 11:04:45 +1300, nod wrote:
    >
    >> The reason I am puzzled is because although I maintain a minimal xtra
    >> account and still receive a few emails through it, a couple of months
    >> ago I switched to IHUG and cannot now send emails out through xtra
    >> unless I go to their webmail page which I have not done for two
    >> months.

    >
    >For quite some time now Telecom/Xtra has prevented people from using its
    >SMTP server unless you were connecting to it from within its network.
    >
    >To be fair, Telecom is not the only ISP to do this. However, it is very
    >inconvenient for its customers who also use some other ISP.


    You have missed the point of my posting Jonathon. I was no complaining
    about the fact I cannot send out email through the xtra server. The
    reason I mention that fact was to show that I could not inadvertently
    have sent the email that has been returned to me.
     
    nod, Oct 21, 2007
    #4
  5. nod

    nod Guest

    On Mon, 22 Oct 2007 11:18:24 +1300, EMB <> wrote:

    >nod wrote:
    >
    >> I am not interested in further lambasting Xtra - - I am interested in
    >> how the mail servers work that would explain how this could have
    >> happened.

    >
    >You've been joe jobbed.
    >
    >http://en.wikipedia.org/wiki/Joe_job


    most informative - thank you
     
    nod, Oct 22, 2007
    #5
  6. On Mon, 22 Oct 2007 11:19:58 +1300, nod wrote:

    > On 22 Oct 2007 11:12:53 +1300, Jonathan Walker <>
    > wrote:
    >
    >>On Mon, 22 Oct 2007 11:04:45 +1300, nod wrote:
    >>
    >>> The reason I am puzzled is because although I maintain a minimal xtra
    >>> account and still receive a few emails through it, a couple of months
    >>> ago I switched to IHUG and cannot now send emails out through xtra
    >>> unless I go to their webmail page which I have not done for two
    >>> months.

    >>
    >>For quite some time now Telecom/Xtra has prevented people from using its
    >>SMTP server unless you were connecting to it from within its network.
    >>
    >>To be fair, Telecom is not the only ISP to do this. However, it is very
    >>inconvenient for its customers who also use some other ISP.

    >
    > You have missed the point of my posting Jonathon. I was no complaining
    > about the fact I cannot send out email through the xtra server. The
    > reason I mention that fact was to show that I could not inadvertently
    > have sent the email that has been returned to me.


    Are you using a MS Windows PC?

    Have you recently confirmed that it is free from Trojans, viruses and any
    other sort of malware?

    What about any user of MS Windows and MS Outlook/Express who has your
    email address stored on their computer?


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 22, 2007
    #6
  7. nod

    lolinternet Guest

    Jonathan Walker wrote:
    > For quite some time now Telecom/Xtra has prevented people from using its
    > SMTP server unless you were connecting to it from within its network.


    > To be fair, Telecom is not the only ISP to do this. However, it is very
    > inconvenient for its customers who also use some other ISP.


    Ummm, anyone, anywhere running a mail server should do this. Any server
    that accepts mail from networks other than it's own is an open relay and
    shouldn't be on the internet.

    If said people are using another ISP they should be sending using that
    providers SMTP server (or an SMTP auth/secure SMTP session).
     
    lolinternet, Oct 22, 2007
    #7
  8. On Mon, 22 Oct 2007 20:29:30 +1300, lolinternet wrote:

    > Ummm, anyone, anywhere running a mail server should do this. Any server
    > that accepts mail from networks other than it's own is an open relay and
    > shouldn't be on the internet.


    Incorrect.

    The server should authenticate the user that is attempting to connect to
    it. Merely letting anybody connect from anywhere is, as you say acting as
    an open relay and rightly should be blocked.

    Blocking access merely because the connection is from outside of a
    particular network is no logical reason to prevent a connection. The user
    *should* be authenticated.


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 22, 2007
    #8
  9. nod

    thingy Guest

    nod wrote:
    > I have just received an email
    > from Mail Delivery System
    > to
    > subject Undelivered Mail Returned to Sender
    >
    > with an attachment Tatyana from Russia(4.11KB) which I have not
    > opened
    >
    >
    > The reason I am puzzled is because although I maintain a minimal xtra
    > account and still receive a few emails through it, a couple of months
    > ago I switched to IHUG and cannot now send emails out through xtra
    > unless I go to their webmail page which I have not done for two
    > months.
    >
    > The message is:
    >
    > This is the mail system at host akvs4.plain.net.nz.
    >
    > I'm sorry to have to inform you that your message could not
    > be delivered to one or more recipients. It's attached below.
    >
    > For further assistance, please send mail to postmaster.
    >
    > If you do so, please include this problem report. You can
    > delete your own text from the attached returned message.
    >
    > The mail system
    >
    > <>: host 210.54.239.243[210.54.239.243] said: 550 No
    > such
    > recipient (in reply to RCPT TO command)
    >
    > Is this a genuine message? OR is it a clever way to get me to open
    > the attachment ?
    >
    > If it is genuine then what is happening on the xtra mail server that
    > emails are being sent out from me ?
    >
    > I am not interested in further lambasting Xtra - - I am interested in
    > how the mail servers work that would explain how this could have
    > happened.
    >
    > Thanks
    >
    > N
    >
    >
    >
    >


    Hi,

    Since its unlikely you have been Joe'd...

    It is either a bounce from a legit server with your email address forged
    as the sender (very common, mine's been sold to someone in brazil, I get
    heeps of xxx.xxx.br bounces everyday), or actually sent to you directly
    with a forged bounce header from a spammer/botnet owner and contains
    advertising and/or a virus hoping you will open it to see what went wrong.

    As "Tatyana from Russia" brings up lots of hits via google I suspect its
    a scammer and you have caught the bounce back from an ex-legit account.

    regards

    Thing
     
    thingy, Oct 22, 2007
    #9
  10. nod

    thingy Guest

    Jonathan Walker wrote:
    > On Mon, 22 Oct 2007 20:29:30 +1300, lolinternet wrote:
    >
    >> Ummm, anyone, anywhere running a mail server should do this. Any server
    >> that accepts mail from networks other than it's own is an open relay and
    >> shouldn't be on the internet.

    >
    > Incorrect.
    >
    > The server should authenticate the user that is attempting to connect to
    > it. Merely letting anybody connect from anywhere is, as you say acting as
    > an open relay and rightly should be blocked.
    >
    > Blocking access merely because the connection is from outside of a
    > particular network is no logical reason to prevent a connection. The user
    > *should* be authenticated.
    >
    >


    Most are not.

    It is a Q of risk, The standard is if from the subnets the ISP owns, it
    is let through....

    As an example smarthosting....small businesses often smarthost.

    put it this way, what would you achieve if you insisted on
    authentication? most users will automate the authentication mechanism
    anyway, so a "mail" flood from them is just going to pass through anyway
    but you greatly add to the complexity of a mail setup....ISPs already
    get enough calls from morons as it is....

    So before you react to an "obvious" issue with a "simple" solution,
    think what the other issues are.

    regards

    Thing
     
    thingy, Oct 22, 2007
    #10
  11. In article <>, says...
    > I have just received an email
    > from Mail Delivery System
    > to
    > subject Undelivered Mail Returned to Sender
    >
    > with an attachment Tatyana from Russia(4.11KB) which I have not
    > opened
    >
    >
    > The reason I am puzzled [snip, snip]
    >


    either your computer is conducting a secret affair with a girl called Tatyana

    or you have a virus on your computer that is trying to send information out via
    a smtp connection which's particulars have been discovered on your machine

    or you've been joe-jobbed. Meaning somebody (or some spam-forwarding machine)
    has used your email addy as sender and the undelivered message got returned to
    you. I've had one, single, incident of this last month. Very curious, since
    usually if you've been joe-jobbed you get hit with an avalance of returns
    rather than a single one. <scratches head>. Also, I don't use outlook or any
    variation thereof (often gets hacked).

    -P.

    --
    =========================================
    firstname dot lastname at gmail fullstop com
     
    Peter Huebner, Oct 22, 2007
    #11
  12. nod

    Geoff Guest

    Jonathan Walker wrote:
    > On Mon, 22 Oct 2007 11:04:45 +1300, nod wrote:
    >
    >> The reason I am puzzled is because although I maintain a minimal xtra
    >> account and still receive a few emails through it, a couple of months
    >> ago I switched to IHUG and cannot now send emails out through xtra
    >> unless I go to their webmail page which I have not done for two
    >> months.

    >
    > For quite some time now Telecom/Xtra has prevented people from using
    > its SMTP server unless you were connecting to it from within its
    > network.
    >
    > To be fair, Telecom is not the only ISP to do this. However, it is
    > very inconvenient for its customers who also use some other ISP.


    What is inconvnient ? It's only the outgoing server address. Most ISPsonly
    accept send mail from subscribers conncting direct to that ISP. Gives them
    som control over potential spam generators.

    geoff
     
    Geoff, Oct 22, 2007
    #12
  13. In message <>, Geoff wrote:

    > Jonathan Walker wrote:
    >
    >> For quite some time now Telecom/Xtra has prevented people from using
    >> its SMTP server unless you were connecting to it from within its
    >> network.
    >>
    >> To be fair, Telecom is not the only ISP to do this. However, it is
    >> very inconvenient for its customers who also use some other ISP.

    >
    > What is inconvnient ? It's only the outgoing server address. Most
    > ISPsonly accept send mail from subscribers conncting direct to that ISP.
    > Gives them som control over potential spam generators.


    They could always insist on authenticated SMTP to mitigate such misuse.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #13
  14. In message <>, thingy wrote:

    > put it this way, what would you achieve if you insisted on
    > authentication?


    The spambots typically run their own SMTP stack. Authentication would put
    another hurdle in their path. Not an insurmountable one, but it would
    definitely add to their difficulties.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #14
  15. nod

    thingy Guest

    Lawrence D'Oliveiro wrote:
    > In message <>, thingy wrote:
    >
    >> put it this way, what would you achieve if you insisted on
    >> authentication?

    >
    > The spambots typically run their own SMTP stack. Authentication would put
    > another hurdle in their path. Not an insurmountable one, but it would
    > definitely add to their difficulties.


    And they dont generally smarthost....that would mean a spambot scripted
    for each ISP.

    So if you did do authentication a spambot could DoS a remote ISP not on
    their subnets....

    regards

    thing
     
    thingy, Oct 23, 2007
    #15
  16. On Tue, 23 Oct 2007 08:49:47 +1300, thingy wrote:

    > So before you react to an "obvious" issue with a "simple" solution,
    > think what the other issues are.


    The user already authenticates when they connect to the network.

    It seems straight forward that the same UID and password should be used to
    authenticate access to the SMTP server - just like they need to
    authenticate when accessing the POP server.


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 23, 2007
    #16
  17. On Tue, 23 Oct 2007 16:19:34 +1300, thingy wrote:

    > So if you did do authentication a spambot could DoS a remote ISP not on
    > their subnets....


    Not my problem, and certainly not the problem of those who would like to
    access the SMTP server that they have paid a subscription to be able to
    access!

    :eek:)


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 23, 2007
    #17
  18. On Tue, 23 Oct 2007 10:25:01 +1200, Geoff wrote:

    >> For quite some time now Telecom/Xtra has prevented people from using
    >> its SMTP server unless you were connecting to it from within its
    >> network.
    >>
    >> To be fair, Telecom is not the only ISP to do this. However, it is
    >> very inconvenient for its customers who also use some other ISP.

    >
    > What is inconvnient ? It's only the outgoing server address. Most ISPsonly
    > accept send mail from subscribers conncting direct to that ISP. Gives them
    > som control over potential spam generators.


    Likes like you haven't read the earlier posts in this thread. :eek:)


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 23, 2007
    #18
  19. In message <>, Jonathan Walker wrote:

    > On Tue, 23 Oct 2007 08:49:47 +1300, thingy wrote:
    >
    >> So before you react to an "obvious" issue with a "simple" solution,
    >> think what the other issues are.

    >
    > The user already authenticates when they connect to the network.
    >
    > It seems straight forward that the same UID and password should be used to
    > authenticate access to the SMTP server - just like they need to
    > authenticate when accessing the POP server.


    The service is not the network. Authenticating to a network connection
    doesn't automatically give you permission to use all the services on the
    Internet, because those services may be offered by different people from
    the ones giving you network access.

    That, in essence, is the end-to-end principle.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #19
  20. On Tue, 23 Oct 2007 22:38:32 +1300, Lawrence D'Oliveiro wrote:

    >> The user already authenticates when they connect to the network.
    >>
    >> It seems straight forward that the same UID and password should be used to
    >> authenticate access to the SMTP server - just like they need to
    >> authenticate when accessing the POP server.

    >
    > The service is not the network. Authenticating to a network connection
    > doesn't automatically give you permission to use all the services on the
    > Internet, because those services may be offered by different people from
    > the ones giving you network access.


    Duh!!!

    How hard can it be to set up a SMTP connection to authenticate whenever it
    connects to the server?

    How hard can it be to set up a server to require authentication whenever
    the connection is from an IP address that is outside of a prescribed range?

    Possibly just as easy as denying a connection that is outside of that
    prescribed range!


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
     
    Jonathan Walker, Oct 23, 2007
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. divoch

    Mail delivery error: return Mail User unknown

    divoch, Jan 2, 2004, in forum: Computer Support
    Replies:
    11
    Views:
    1,580
    divoch
    Jan 6, 2004
  2. Mark
    Replies:
    6
    Views:
    615
  3. Client/Server Content Delivery Method?

    , Aug 23, 2006, in forum: Computer Information
    Replies:
    4
    Views:
    409
    Duane Arnold
    Sep 1, 2006
  4. Jodie

    How to check message delivery?

    Jodie, Nov 10, 2005, in forum: Computer Support
    Replies:
    19
    Views:
    795
    Jodie
    Nov 11, 2005
  5. Matty F

    Yahoo!Xtra Mail delivery problem

    Matty F, Mar 22, 2011, in forum: NZ Computing
    Replies:
    16
    Views:
    2,022
    Dave Doe
    Apr 26, 2011
Loading...

Share This Page