?

Log in

No account? Create an account

fanf

Barracuda are morons

« previous entry | next entry »
24th Jan 2008 | 09:52

Try learning about SpamAssassin's notfirsthop DNS blacklist option, and why it might be a sensible idea, you utter cretins.

 This message was created automatically by mail delivery software.

 A message that you sent could not be delivered to one or more of its
 recipients. This is a permanent error. The following address(es) failed:

 zzzzzzzz@pts.edu
   SMTP error from remote mail server after end of data:
   host smtp.pts.edu [72.22.0.101]:
   554 Service unavailable; Client host [ppsw-5.csi.cam.ac.uk]
       blocked using Barracuda Reputation;
       http://bbl.barracudacentral.com/q.cgi?ip=86.165.170.59

 ------ This is a copy of the message, including all the headers. ------

 Return-path: <zzz99@cam.ac.uk>
 X-Cam-SpamDetails: Not scanned
 X-Cam-AntiVirus: No virus found
 X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
 Received: from [86.165.170.59] (port=51166 helo=[192.168.1.2])
           by ppsw-5.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.155]:587)
           with esmtpsa (PLAIN:zzz99) (TLSv1:AES128-SHA:128)
           id 1JHf30-0003CD-Il (Exim 4.67)
           (return-path <zzz99@cam.ac.uk>); Wed, 23 Jan 2008 12:49:42 +0000
 Mime-Version: 1.0 (Apple Message framework v752.3)
 Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
 ...

| Leave a comment | Share

Comments {5}

Barry

from: hobnobs
date: 24th Jan 2008 16:11 (UTC)

Barracuda are a bunch of wazzocks I have no hesitation in not recommending.

Reply | Thread

Tony Finch

from: fanf
date: 24th Jan 2008 16:19 (UTC)

There has been a lot of badmouthing of Barracuda on the mailop list recently :-)

Reply | Parent | Thread

Barry

from: hobnobs
date: 24th Jan 2008 20:04 (UTC)

Couldn't happen to nicer people... Anyone who installs a backdoor on the SMTP port of an email appliance unit deserves all they get.

Reply | Parent | Thread

(Deleted comment)

Barry

from: hobnobs
date: 25th Jan 2008 09:21 (UTC)

I've not seen any back-and-forth discussions, but one write-up can be found at http://packetstormsecurity.org/papers/evaluation/Barracuda_Evil.txt .
I can personally confirm that the iptables entries are in there. (or "were" in my case, as they are no longer there now.)

It's not a universal backdoor, as it's limited to access from Barracuda Central, but as the person who defines and maintains our network security policies on the firewall, and also sets policy for email services, I find that kind of thing abhorrent.

(The link also shows a way to login via the Barracuda console, however I think Barracuda may have updated the main image at some point to not allow it to work. However, the "Failsafe" lilo entry still allowed it last time I needed to use it, so if you want to try it use that instead.)

Reply | Parent | Thread