[NTLUG:Discuss] DNS failures tied to spam problem? (Was: Re: I need some advice, quick)
Craig Gill
cgill27 at homeipnet.com
Wed Dec 20 22:19:35 CST 2006
Several DNS providers have been attacked by DoS attacks lately, making
records not appear for domains. You can temporarily set up DNS service at
another DNS provider and re-create your records until the DoS attack has
ended.
Craig
> I've added a descriptive subject line.
>
> On 12/20/06, Lance Simmons <simmons.lance at gmail.com> wrote:
>> I've been running a mail server at home for about 5 years. Nothing
>> fancy, and I only have a couple of accounts (wife and kids old enough
>> to use email), and everything seemed to be fine. I thought I had the
>> spam problem under control, using spamassassin and bogofilter, but in
>> the past 3 or 4 months, the spam was getting way out of control.
>>
>> I was swimming in spam (every day I had to hand delete hundreds, even
>> though my spamassassin and bogofilter were catching many more
>> hundreds), and I didn't have time to devote to the problem. So I
>> tried something that seemed reasonable: I changed my .forward file to
>> direct mail to my gmail account (because gmail does good spam
>> filtering), instead of to procmail (which sent the mail to
>> spamassassin and bogofilter). It seemed like a good idea.
>>
>> The first thing I noticed was that about 90% of the spam my exim4 mail
>> server was forwarding to my gmail account was not showing up in the
>> gmail spam box. I guess it was so obviously spam there was no need to
>> show it to me. Fine.
>>
>> But then I noticed that within a few days, I started not getting
>> emails from people. Lots of people told me that they were sending me
>> email and I wasn't getting it. I started to get concerned. It got so
>> bad that I stopped the experiment, and changed my .forward file back
>> to the old "|/usr/bin/procmail". But things didn't get better. And
>> now, I see that my domain (lsimmons.net) no longer has DNS records.
>>
>> Is it possible that by forwarding so much spam to gmail, my mail
>> server got targeted as a compromised machine? Could there be some
>> other way of finding out why DNS lookups don't work for me?
>>
>> I guess I have two questions:
>>
>> 1: How do I find out why DNS lookups aren't working for me any more?
>> (I've checked with my registrar (joker.com) and with my nameserver
>> (zoneedit.com), and things seem normal.)
>>
>> 2. Was it a bad idea (maybe a really bad idea) to bounce my incoming,
>> spam-riddled mail to my gmail account?
>>
>> I know this isn't directly Linux-related, but wasn't sure who else to
>> ask, and I'm feeling some urgency here.
>>
>> --
>> Lance Simmons
>>
>