My FC3 machine appears to be compromised, please help
Les Mikesell
lesmikesell at gmail.com
Thu Apr 6 16:25:20 UTC 2006
On Thu, 2006-04-06 at 10:33, Bob Brennan wrote:
> >
> > ;; QUESTION SECTION:
> > ;thebrennan.net. IN MX
> >
> > ;; ANSWER SECTION:
> > thebrennan.net. 2400 IN MX 0 mail.mi-server.net.
> > thebrennan.net. 2400 IN MX 10 mx1.sitelutions.com.
> > thebrennan.net. 2400 IN MX 20 mx2.sitelutions.com.
> Thanks for that Les. The mail.mi-server.net is the same IP as all of
> my domains, I just use it as a generic pointer in case I chop and/or
> change other names. Sitelutions is a mail backup service that is
> hopefully gathering and saving my email as we speak, well worth the
> $1.50/month because even though my FC3 system is fairly watertight
> there is no telling how, why, or for how long some lowlife has
> compromised Demon's nameservers.
But any mail being sent to you right now should be going to:
;; QUESTION SECTION:
;mail.mi-server.net. IN A
;; ANSWER SECTION:
mail.mi-server.net. 2385 IN A 83.104.235.34
as long as it answers, regardless of any CNAME oddities. Mail
will always use the MX record. I think your real issue is
only that your server doesn't know its own name which you
can fix as I mentioned in the last message.
--
Les Mikesell
lesmikesell at gmail.com
More information about the users
mailing list