[lug] Relay attacks
Rob Nagler
nagler at bivio.biz
Tue Oct 15 10:10:01 MDT 2002
Every day, the same people try to relay via my machines:
g9EBYlT30225: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[61.79.86.193], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [61.79.86.193]
g9EEqbT03558: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[210.221.154.23], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [210.221.154.23]
g9EExCT03757: ruleset=check_rcpt, arg1=<nongayrich at runbox.com>, relay=24-90-190-122.nyc.rr.com [24.90.190.122], reject=550 5.7.1 <nongayrich at runbox.com>... Relaying denied
g9F1qWT22634: ruleset=check_rcpt, arg1=<testman100 at hotpop.com>, relay=adsl-157-199-220.dab.bellsouth.net [66.157.199.220], reject=550 5.7.1 <testman100 at hotpop.com>... Relaying denied
Don't they ever give up? They seem to hit all machines with open SMTP
ports. It's not really a big deal, but I'm a paranoid sort. There
must be millions of open SMTP ports on the Internet. They can't pick
them all everyday, can they?
Just curious,
Rob
More information about the LUG
mailing list