[lug] Relay attacks

brad.madison brad.madison at mail.tds.net
Sun Feb 9 13:34:51 MST 2003 

You don't need to ignore relay attempts.  it's better if you don't.  See
sig.

Original post, found via Google:

Re: [lug] Relay attacks



    To: lug at lug.boulder.co.us 
    Subject: Re: [lug] Relay attacks 
    From: joem at uu.net (Joseph McDonald) 
    Date: Tue, 15 Oct 2002 12:22:46 -0400 (EDT) 
    In-reply-to: <no.id> from "Rob Nagler" at Oct 15, 2002 10:10:01 AM 
    List-archive: <http://lists.lug.boulder.co.us/pipermail/lug/> 
    List-help: <mailto:lug-request at lug.boulder.co.us?subject=help> 
    List-id: Boulder (Colorado) Linux Users Group -- General Mailing
List <lug.lug.boulder.co.us> 
    List-post: <mailto:lug at lug.boulder.co.us> 
    List-subscribe:
<http://lists.lug.boulder.co.us/mailman/listinfo/lug>,<mailto:lug-request at lug.boulder.co.us?subject=subscribe> 
    List-unsubscribe:
<http://lists.lug.boulder.co.us/mailman/listinfo/lug>,<mailto:lug-request at lug.boulder.co.us?subject=unsubscribe> 
    Reply-to: lug at lug.boulder.co.us 
    Sender: lug-admin at lug.boulder.co.us 



Oh, you'd be surprised:

[root at otho ~]# grep china9988 at 21cn.com /var/log/maillog* | wc
     14     218    2792

They're spammers, they have no soul. :)

        --joey

Rob Nagler said:
> 
> Every day, the same people try to relay via my machines:
> 
> g9EBYlT30225: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[61.79.86.193], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [61.79.86.193]
> g9EEqbT03558: ruleset=check_rcpt, arg1=<china9988 at 21cn.com>, relay=[210.221.154.23], reject=550 5.7.1 <china9988 at 21cn.com>... Relaying denied. IP name lookup failed [210.221.154.23]
> g9EExCT03757: ruleset=check_rcpt, arg1=<nongayrich at runbox.com>, relay=24-90-190-122.nyc.rr.com [24.90.190.122], reject=550 5.7.1 <nongayrich at runbox.com>... Relaying denied
> g9F1qWT22634: ruleset=check_rcpt, arg1=<testman100 at hotpop.com>, relay=adsl-157-199-220.dab.bellsouth.net [66.157.199.220], reject=550 5.7.1 <testman100 at hotpop.com>... Relaying denied
> 
> Don't they ever give up?  They seem to hit all machines with open SMTP
> ports.  It's not really a big deal, but I'm a paranoid sort.  There
> must be millions of open SMTP ports on the Internet.  They can't pick
> them all everyday, can they?
> 
> Just curious,
> Rob
> 
> 




-- 

"From March 7 to December 26 2002, the total was: 235,624,232"

-- The Mushroom Guy

Stop spam, run Jackpot: http://jackpot.uk.net/

More information about the LUG mailing list