Spam

If you are wondering why your mail server has one or more connections open to fix.your.open.relay.or.die.net (209.151.236.29) or spam.must.die.net (209.151.236.28), then you've come to the right place.

While attempting to collect e-mail addresses from the Web to send junk mail to, someone appears to have run into my web spider trap, which hands out fake e-mail addresses of the form something@something.die.net. They appear to be using your server to try to deliver this spam.

fix.your.open.relay.or.die.net is the mail server for these addresses and what is known as a teergrube. It accepts incoming SMTP connections and tries to stall a while before rejecting the mail. It never initiates a connection to anyone itself. If you have a server that is connected to the teergrube, then that server has mail queued and is trying to deliver it. I can't control that, but you can.

If you want to stop your server from trying to deliver this mail, you'll need to:

You should look in your mail server's logs and figure out how the messages were sent to your server. If one of your users sent the mail, then they are probably sending a whole lot of unwanted e-mail and should be stopped.

On the other hand, if your SMTP server accepts messages from anywhere on the net and will send them to anywhere on the net, then it is what is known as an open relay. MAPS has set of instructions on how to fix open relays.

The source code for the teergrube is available, if you'd like to more closely examine how it works.