[lug] Relay attacks
Joseph McDonald
joem at uu.net
Tue Oct 15 10:22:46 MDT 2002
Oh, you'd be surprised:
[root at otho ~]# grep china9988 at 21cn.com /var/log/maillog* | wc
14 218 2792
They're spammers, they have no soul. :)
--joey
Rob Nagler said:
>
> Every day, the same people try to relay via my machines:
>
> g9EBYlT30225: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[61.79.86.193], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [61.79.86.193]
> g9EEqbT03558: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[210.221.154.23], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [210.221.154.23]
> g9EExCT03757: ruleset=check_rcpt, arg1=<nongayrich at runbox.com>, relay=24-90-190-122.nyc.rr.com [24.90.190.122], reject=550 5.7.1 <nongayrich at runbox.com>... Relaying denied
> g9F1qWT22634: ruleset=check_rcpt, arg1=<testman100 at hotpop.com>, relay=adsl-157-199-220.dab.bellsouth.net [66.157.199.220], reject=550 5.7.1 <testman100 at hotpop.com>... Relaying denied
>
> Don't they ever give up? They seem to hit all machines with open SMTP
> ports. It's not really a big deal, but I'm a paranoid sort. There
> must be millions of open SMTP ports on the Internet. They can't pick
> them all everyday, can they?
>
> Just curious,
> Rob
>
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list