Thus spake J.A. Terranson (measl@mfn.org) [12/03/06 20:41]: : A reply to a posting by affliction.org. When my MTA tried to pass it to : the original poster, it was beaten down by a blacklist (SORBS). Sorry : dude, but you've apparently got, or had, bot! It's actually an artifact of running a TOR proxy. I've de-listed myself from SORBS four times, and since then, I've just given up. I don't even run the TOR proxy anymore, and I haven't cared to get myself delisted. Maybe I should do it one more time... : Additional Information: Likely Trojaned Machine, host running Korgo trojan That's actually blatantly false. I've done full virus scans of every host on the network, and Korgo isn't anywhere to be found. This was the case each time. : Well, you've got 993 and 995 open, so 110 and 143 should probably go away. Good point. I never use POP3 externally anyhow. : Then, you've got VNC open to the worold: ARE YOU NUTS? Nope. My roommate requested it. I told him it's a bad idea. We're still hashing it out. What I'm tending towards is a tunnel-only SSH setup for him, but haven't had the time to play with it. (And I think you missed a few other open ports, but that's fine by me.) : Your DNS is not recursing, and that's OK, although I question your need to : run one. Basically, you look OK, except that the world still believes you : Got Bot. You may wanna give SORBS a heads-up that you fixed it. Sorry : about the public posting, but it's the only way to get it to you. I should hope my DNS isn't recursing. And I need it as I run my own domain, and haven't found a good, reliable DNS provider that will let me do everything I want to do (SPF, TXT, and LOC RRs, etc.). I find it strange that you were able to get to me without issues previously. I don't particularly mind that you posted publicy: if I felt uncomfortable running my network the way I do, then I wouldn't run it that way.