nick at laststop.net
Sun Jul 6 19:55:17 UTC 2008
ATM I have exchange set to dis-allow outbound mail, just to be safe. I want to have something more then just a simple home-level nat box before I allow anything more out, pending a full while and re-load. The damage done was to the box itself. The few pieces of email that needed to go out this weekend (seven or eight, I think) used my personal mail server as the outbound. Forgive me if I'm not making any sense, I've been burning the candle at both ends...
>From: Jim Popovitch <yahoo at jimpop.com>
>Sent: Jul 6, 2008 11:55 AM
>To: nanog <nanog at nanog.org>
>Subject: Re: tacid.org
>On Sun, Jul 6, 2008 at 11:09 AM, Nick Shank <nick at laststop.net> wrote:
>> After doing a bit of digging, it doesn't appear the any of the tacid.org ip-space is blacklisted (one less
>> battle I have to fight). Fortune 100? Nope. Just a small non-profit org in Tacoma, WA, that got their
>> exchange box rooted. I'm still trying to figure out the full extent of the damage done, but this point,
>> I believe 99.7% of the outbound mail is legit. In-bound is another story entirely, but that's my own
>> private hell to deal with.
>This in no way is a negative assumption on your skills. There is
>some important information missing from the above details. You wrote
>that your Exchange box was rooted, but you didn't indicate what you
>did to resolve that. I'm not looking for the details of what you did,
>just an overall statement about how you rectified it. You also
>indicate that you are still assessing the full extent of the damage,
>is that to the Exchange box or to the IP space?
More information about the NANOG