Security Basics mailing list archives
Re: How is it possible?
From: Micheal Espinola Jr <michealespinola () gmail com>
Date: Fri, 13 May 2005 09:21:24 -0400
Many spammers have a vast virtual army of "zombie" computers that have been exploited with proxy servers and/or SMTP relays. If they are able to detect that you are rejecting connections from a particular system, they can easily change to another zombie. This is unfortunately common. On 5/12/05, Monty Ree <chulmin2 () hotmail com> wrote:
Hello, all. I have operated smtp server and allow smtp function to my clients(over 5,000) using one id/p auth.(smtp auth) But, some user(I don't know him) sends lots of spam mails through this smtp server so I have filtered that IP addr. then after some minutes he send spam mails again using other IP address which is not same network range. for example, He sends spams like this.. 1.1.1.1 --> I filtered, then after 1-2 minutes later 2.2.2.2 --> I filtered, then after 1-2 minutes later 3.3.3.3 --> I filtered, then after 1-2 minutes later 4.4.4.4 --> I filtered, then after 1-2 minutes later 5.5.5.5 ...... Surely, all IPs are one ISP network but network range is not same... The spammer using proxy server? How is it possible? and how to solve against this attack? Thanks in advance. _________________________________________________________________ 상큼한 만남과 따뜻한 공동체 생활... 지금 MSN 커뮤니티에서 시작하세요! http://groups.msn.com/?pgmarket=ko-kr
-- ME2 <http://www.santeriasys.net/>
Current thread:
- How is it possible? Monty Ree (May 12)
- RE: How is it possible? Joe Osborn (May 13)
- Re: How is it possible? Dave Aronson (May 13)
- Re: How is it possible? Micheal Espinola Jr (May 13)