xtra mail server - is this mail delivery system message genuine

Discussion in 'NZ Computing' started by nod, Oct 21, 2007.

  1. nod

    nod Guest

    I have just received an email
    from Mail Delivery System
    to
    subject Undelivered Mail Returned to Sender

    with an attachment Tatyana from Russia(4.11KB) which I have not
    opened


    The reason I am puzzled is because although I maintain a minimal xtra
    account and still receive a few emails through it, a couple of months
    ago I switched to IHUG and cannot now send emails out through xtra
    unless I go to their webmail page which I have not done for two
    months.

    The message is:

    This is the mail system at host akvs4.plain.net.nz.

    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to postmaster.

    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.

    The mail system

    <>: host 210.54.239.243[210.54.239.243] said: 550 No
    such
    recipient (in reply to RCPT TO command)

    Is this a genuine message? OR is it a clever way to get me to open
    the attachment ?

    If it is genuine then what is happening on the xtra mail server that
    emails are being sent out from me ?

    I am not interested in further lambasting Xtra - - I am interested in
    how the mail servers work that would explain how this could have
    happened.

    Thanks

    N
     
    nod, Oct 21, 2007
    #1
    1. Advertisements

  2. For quite some time now Telecom/Xtra has prevented people from using its
    SMTP server unless you were connecting to it from within its network.

    To be fair, Telecom is not the only ISP to do this. However, it is very
    inconvenient for its customers who also use some other ISP.
     
    Jonathan Walker, Oct 21, 2007
    #2
    1. Advertisements

  3. nod

    EMB Guest

    You've been joe jobbed.

    http://en.wikipedia.org/wiki/Joe_job
     
    EMB, Oct 21, 2007
    #3
  4. nod

    nod Guest

    You have missed the point of my posting Jonathon. I was no complaining
    about the fact I cannot send out email through the xtra server. The
    reason I mention that fact was to show that I could not inadvertently
    have sent the email that has been returned to me.
     
    nod, Oct 21, 2007
    #4
  5. nod

    nod Guest

    nod, Oct 22, 2007
    #5
  6. Are you using a MS Windows PC?

    Have you recently confirmed that it is free from Trojans, viruses and any
    other sort of malware?

    What about any user of MS Windows and MS Outlook/Express who has your
    email address stored on their computer?
     
    Jonathan Walker, Oct 22, 2007
    #6
  7. nod

    lolinternet Guest

    Ummm, anyone, anywhere running a mail server should do this. Any server
    that accepts mail from networks other than it's own is an open relay and
    shouldn't be on the internet.

    If said people are using another ISP they should be sending using that
    providers SMTP server (or an SMTP auth/secure SMTP session).
     
    lolinternet, Oct 22, 2007
    #7
  8. Incorrect.

    The server should authenticate the user that is attempting to connect to
    it. Merely letting anybody connect from anywhere is, as you say acting as
    an open relay and rightly should be blocked.

    Blocking access merely because the connection is from outside of a
    particular network is no logical reason to prevent a connection. The user
    *should* be authenticated.
     
    Jonathan Walker, Oct 22, 2007
    #8
  9. nod

    thingy Guest

    Hi,

    Since its unlikely you have been Joe'd...

    It is either a bounce from a legit server with your email address forged
    as the sender (very common, mine's been sold to someone in brazil, I get
    heeps of xxx.xxx.br bounces everyday), or actually sent to you directly
    with a forged bounce header from a spammer/botnet owner and contains
    advertising and/or a virus hoping you will open it to see what went wrong.

    As "Tatyana from Russia" brings up lots of hits via google I suspect its
    a scammer and you have caught the bounce back from an ex-legit account.

    regards

    Thing
     
    thingy, Oct 22, 2007
    #9
  10. nod

    thingy Guest

    Most are not.

    It is a Q of risk, The standard is if from the subnets the ISP owns, it
    is let through....

    As an example smarthosting....small businesses often smarthost.

    put it this way, what would you achieve if you insisted on
    authentication? most users will automate the authentication mechanism
    anyway, so a "mail" flood from them is just going to pass through anyway
    but you greatly add to the complexity of a mail setup....ISPs already
    get enough calls from morons as it is....

    So before you react to an "obvious" issue with a "simple" solution,
    think what the other issues are.

    regards

    Thing
     
    thingy, Oct 22, 2007
    #10
  11. either your computer is conducting a secret affair with a girl called Tatyana

    or you have a virus on your computer that is trying to send information out via
    a smtp connection which's particulars have been discovered on your machine

    or you've been joe-jobbed. Meaning somebody (or some spam-forwarding machine)
    has used your email addy as sender and the undelivered message got returned to
    you. I've had one, single, incident of this last month. Very curious, since
    usually if you've been joe-jobbed you get hit with an avalance of returns
    rather than a single one. <scratches head>. Also, I don't use outlook or any
    variation thereof (often gets hacked).

    -P.
     
    Peter Huebner, Oct 22, 2007
    #11
  12. nod

    Geoff Guest

    What is inconvnient ? It's only the outgoing server address. Most ISPsonly
    accept send mail from subscribers conncting direct to that ISP. Gives them
    som control over potential spam generators.

    geoff
     
    Geoff, Oct 22, 2007
    #12
  13. They could always insist on authenticated SMTP to mitigate such misuse.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #13
  14. The spambots typically run their own SMTP stack. Authentication would put
    another hurdle in their path. Not an insurmountable one, but it would
    definitely add to their difficulties.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #14
  15. nod

    thingy Guest

    And they dont generally smarthost....that would mean a spambot scripted
    for each ISP.

    So if you did do authentication a spambot could DoS a remote ISP not on
    their subnets....

    regards

    thing
     
    thingy, Oct 23, 2007
    #15
  16. The user already authenticates when they connect to the network.

    It seems straight forward that the same UID and password should be used to
    authenticate access to the SMTP server - just like they need to
    authenticate when accessing the POP server.
     
    Jonathan Walker, Oct 23, 2007
    #16
  17. Not my problem, and certainly not the problem of those who would like to
    access the SMTP server that they have paid a subscription to be able to
    access!

    :eek:)
     
    Jonathan Walker, Oct 23, 2007
    #17
  18. Likes like you haven't read the earlier posts in this thread. :eek:)
     
    Jonathan Walker, Oct 23, 2007
    #18
  19. The service is not the network. Authenticating to a network connection
    doesn't automatically give you permission to use all the services on the
    Internet, because those services may be offered by different people from
    the ones giving you network access.

    That, in essence, is the end-to-end principle.
     
    Lawrence D'Oliveiro, Oct 23, 2007
    #19
  20. Duh!!!

    How hard can it be to set up a SMTP connection to authenticate whenever it
    connects to the server?

    How hard can it be to set up a server to require authentication whenever
    the connection is from an IP address that is outside of a prescribed range?

    Possibly just as easy as denying a connection that is outside of that
    prescribed range!
     
    Jonathan Walker, Oct 23, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.