[MKDoc-dev] [BUG] CheckUser.pm usage results in MKDoc sites being
blackholed
Chris Croome
chris at webarchitects.co.uk
Mon Jun 5 14:06:28 BST 2006
Hi
One MKDoc server keeps getting listed on the CBL email spam list:
http://cbl.abuseat.org/
And I think I have tracked this down to the use of Mail::CheckUser in
flo/plugin/Account/Subscribe.pm -- this is what the CBL says:
The Perl CheckUser module defaults to improper "HELO" and "MAIL FROM"
strings: "localhost.localdomain" and "check at user.com" respectively.
The former is illegal, the latter impersonates user.com - they
probably don't like that. [Besides, by not using your own domain, some
spam filters will lie to your RCPT TO.]
You will need to change $Helo_Domain = to be "<DNS name of your
server>" and change $Sender_Addr to be something in _your_ domain (eg:
"check@<mydomain>")
http://cbl.abuseat.org/linuxnonserver.html
And if you run ethereal and capture the helo MKDoc does indeed use the
default of localhost.localdomain and the default email address of
check at user.com so I think this solves this mystery...
All that is needed now is for Subscribe.pm to be fixed so that it uses
the MKdoc public domain for the helo and the admin email address for the
check.
Chris
--
Chris Croome <chris at webarchitects.co.uk>
web design http://www.webarchitects.co.uk/
web content management http://mkdoc.com/
More information about the MKDoc-dev
mailing list