SpamIf you are wondering why your mail server has one or more connections open to fix.your.open.relay.or.die.net (220.127.116.11) or spam.must.die.net (18.104.22.168), then you've come to the right place.
While attempting to collect e-mail addresses from the Web to send junk mail to, someone appears to have run into my web spider trap, which hands out fake e-mail addresses of the form firstname.lastname@example.org. They appear to be using your server to try to deliver this spam.
fix.your.open.relay.or.die.net is the mail server for these addresses and what is known as a teergrube. It accepts incoming SMTP connections and tries to stall a while before rejecting the mail. It never initiates a connection to anyone itself. If you have a server that is connected to the teergrube, then that server has mail queued and is trying to deliver it. I can't control that, but you can.
If you want to stop your server from trying to deliver this mail, you'll need to:
- Remove all mail from your server's mail queue destined for *@*.die.net. See your server's documentation on how to do this.
- Shut down and restart any mail services or processes that are currently connected to fix.your.open.relay.or.die.net (22.214.171.124). With the spam removed from the queue, they won't try to reconnect.
You should look in your mail server's logs and figure out how the messages were sent to your server. If one of your users sent the mail, then they are probably sending a whole lot of unwanted e-mail and should be stopped.
On the other hand, if your SMTP server accepts messages from anywhere on the net and will send them to anywhere on the net, then it is what is known as an open relay. MAPS has set of instructions on how to fix open relays.
The source code for the teergrube is available, if you'd like to more closely examine how it works.