[NTLUG:Discuss] I need some advice, quick

Neil Aggarwal neil at JAMMConsulting.com
Wed Dec 20 20:54:17 CST 2006


Lance:

zoneedit.com is timing out.  Take a look at this page from
DNSStuff:

http://www.dnsstuff.com/tools/traversal.ch?domain=lsimmons.net&type=MX 

Their DNS records must be messed up.

	Neil


-----Original Message-----
From: discuss-bounces at ntlug.org [mailto:discuss-bounces at ntlug.org] On Behalf Of Lance Simmons
Sent: Wednesday, December 20, 2006 8:50 PM
To: discuss at ntlug.org
Subject: [NTLUG:Discuss] I need some advice, quick

I've been running a mail server at home for about 5 years.  Nothing
fancy, and I only have a couple of accounts (wife and kids old enough
to use email), and everything seemed to be fine.  I thought I had the
spam problem under control, using spamassassin and bogofilter, but in
the past 3 or 4 months, the spam was getting way out of control.

I was swimming in spam (every day I had to hand delete hundreds, even
though my spamassassin and bogofilter were catching many more
hundreds), and I didn't have time to devote to the problem.  So I
tried something that seemed reasonable: I changed my .forward file to
direct mail to my gmail account (because gmail does good spam
filtering), instead of to procmail (which sent the mail to
spamassassin and bogofilter).  It seemed like a good idea.

The first thing I noticed was that about 90% of the spam my exim4 mail
server was forwarding to my gmail account was not showing up in the
gmail spam box.  I guess it was so obviously spam there was no need to
show it to me.  Fine.

But then I noticed that within a few days, I started not getting
emails from people.  Lots of people told me that they were sending me
email and I wasn't getting it.  I started to get concerned.  It got so
bad that I stopped the experiment, and changed my .forward file back
to the old  "|/usr/bin/procmail".  But things didn't get better. And
now, I see that my domain (lsimmons.net) no longer has DNS records.

Is it possible that by forwarding so much spam to gmail, my mail
server got targeted as a compromised machine?  Could there be some
other way of finding out why DNS lookups don't work for me?

I guess I have two questions:

1: How do I find out why DNS lookups aren't working for me any more?
(I've checked with my registrar (joker.com) and with my nameserver
(zoneedit.com), and things seem normal.)

2.  Was it a bad idea (maybe a really bad idea) to bounce my incoming,
spam-riddled mail to my gmail account?

I know this isn't directly Linux-related, but wasn't sure who else to
ask, and I'm feeling some urgency here.

-- 
Lance Simmons
