More than likely individual systems that have had security problems that have allowed it to become an open relay/proxy at some point in time. Many viruses are in circulation that open up http and socks proxies on random ports that allow for remote abuse. For example, here is a list of IP addresses at MSU that have made it into DSBL for running an open relay/proxy (multihop in some cases): 35.9.98.20 openrelay.msu.edu 35.9.5.100 Host not found. 35.9.5.26 pilot06.cl.msu.edu 35.9.5.23 pilot03.cl.msu.edu 35.9.5.32 pilot12.cl.msu.edu 35.9.5.24 pilot04.cl.msu.edu 35.9.5.29 pilot09.cl.msu.edu 35.8.163.65 infos.ent.msu.edu 35.9.5.33 pilot13.cl.msu.edu 35.9.5.38 pilot18.cl.msu.edu 35.8.152.77 sol.bch.msu.edu 35.9.5.35 pilot15.cl.msu.edu 35.9.5.21 pilot01.cl.msu.edu 35.9.5.30 pilot10.cl.msu.edu 35.9.5.28 pilot08.cl.msu.edu 35.9.5.27 pilot07.cl.msu.edu 35.9.5.40 pilot20.cl.msu.edu 35.9.6.36 list1.cl.msu.edu 35.8.3.158 barnes.cl.msu.edu 35.9.5.25 pilot05.cl.msu.edu 35.11.14.217 Host not found. 35.8.138.21 bailey.grounds.msu.edu 35.8.74.49 Host not found. 35.11.11.172 drakesa1.user.msu.edu 35.12.228.34 sagitario.egr.msu.edu 35.12.228.22 erl.egr.msu.edu 35.8.4.18 capa1.nscl.msu.edu 35.11.186.169 cholujni.user.msu.edu 35.11.128.248 gastonkr.user.msu.edu 35.11.108.150 Host not found. 35.11.174.67 user-a4c974.user.msu.edu 35.11.243.45 user-c17701.user.msu.edu 35.11.136.221 user-b5d908.user.msu.edu 35.11.186.136 hurleyk2.user.msu.edu 35.11.221.144 user-e117e8.user.msu.edu 35.11.17.82 Host not found. 35.8.73.91 Host not found. 35.11.185.214 growstac.user.msu.edu 35.11.157.137 user-289e7e.user.msu.edu 35.11.188.47 Host not found. 35.11.202.237 user-ae18d6.user.msu.edu 35.11.96.78 Host not found. 35.11.223.124 user-1ef1ad.user.msu.edu 35.11.100.134 Host not found. 35.11.131.75 dudleym7.user.msu.edu 35.11.129.220 user-ff6e44.user.msu.edu 35.11.129.170 user-fb88bf.user.msu.edu 35.11.182.74 user-a48cbb.user.msu.edu 35.11.26.64 Host not found. 35.11.25.200 Host not found. 35.11.189.137 ealytene.user.msu.edu 35.11.15.131 Host not found. 35.11.204.6 lasordac.user.msu.edu 35.11.129.27 user-40142c.user.msu.edu 35.11.22.219 mazoraar.user.msu.edu 35.11.216.44 frazeeni.user.msu.edu 35.11.129.202 user-ce580e.user.msu.edu 35.11.147.34 garciaez-2.user.msu.edu 35.11.186.174 user-7e8ba5.user.msu.edu 35.11.108.153 Host not found. 35.11.134.25 user-3c083c.user.msu.edu 35.11.134.40 user-3cef1c.user.msu.edu 35.11.182.87 user-6cfa87.user.msu.edu 35.11.193.30 soriano1.user.msu.edu 35.11.217.5 user-9e792e.user.msu.edu 35.11.157.133 user-e197eb.user.msu.edu 35.11.157.199 user-d9a330.user.msu.edu 35.11.136.25 user-9b8fe4.user.msu.edu 35.9.136.134 eb3238p01.dhcp.egr.msu.edu 35.11.221.98 user-3a1153.user.msu.edu 35.11.97.215 Host not found. 35.11.243.119 user-3f1f9a.user.msu.edu 35.11.221.51 user-ecc099.user.msu.edu 35.8.140.60 Host not found. 35.11.215.210 Host not found. 35.8.73.54 clear.msu.edu 35.11.17.216 sonjiwon-2.user.msu.edu 35.11.97.17 Host not found. 35.9.86.101 httest.msufgp.msu.edu 35.11.100.246 Host not found. 35.8.27.38 jbpc.cem.msu.edu 35.11.98.41 Host not found. 35.11.98.4 Host not found. 35.10.239.31 fw-136.user.msu.edu 35.9.5.5 idmail.cl.msu.edu 35.9.5.41 pilot21.cl.msu.edu 35.9.5.31 pilot11.cl.msu.edu 35.9.5.39 pilot19.cl.msu.edu 35.9.5.48 pilot28.cl.msu.edu 35.9.5.47 pilot27.cl.msu.edu 35.9.5.44 pilot24.cl.msu.edu 35.8.179.21 beal.cpp.msu.edu 35.8.96.163 Host not found. 35.10.216.132 Host not found. 35.11.98.7 Host not found. 35.8.133.160 olympus.bus.msu.edu 35.8.240.113 ap-12.com.msu.edu 35.8.240.8 www.com.msu.edu 35.11.97.93 Host not found. 35.11.98.25 Host not found. 35.11.182.108 alvare20.user.msu.edu 35.11.136.50 ceokari.user.msu.edu 35.11.184.142 holmesd6.user.msu.edu 35.10.63.135 Host not found. 35.11.200.217 hollada7.user.msu.edu 35.12.26.81 pm854-29.dialip.mich.net 35.11.243.38 user-b58c92.user.msu.edu 35.11.200.191 cheejohn.user.msu.edu 35.11.245.183 user-968ba5.user.msu.edu Note that almost every single one of these listings means that the IP has been abusable by third parties for any number of tasks and probably was abused in order to make it into the list (and may still be open to abuse.) Details for each IP can be looked up on: http://dsbl.org/listing AOL does its own relay / proxy testing. And uses its own blacklist to deny mail. You may also want to make sure that clients aren't trying to send mail with the outgoing mailserver of openrelay.msu.edu, which is on almost every single blacklist out there. Hope this helps. -Russell Joseph Deming wrote: > I have this problem occurring from one of my workstations. It happens > repeatedly when sending from the same computer. Doug and others have > verified (by sending test e-mails) that MSU has not been blocked as a > whole and it seems unlikely that any portion of MSU has been blocked. > More likely, individual computers have been added to their blocked IP > list. In our case, it was the one computer on my network that managed > to get a virus during the recent onslaught. This computer was > mass-mailing for a few hours one day and likely that was why it was > blocked.