Security Incidents mailing list archives
Fishing for open relays
From: John Pettitt <jpp () CLOUDVIEW COM>
Date: Tue, 31 Oct 2000 17:42:40 -0600
Anybody else been seeing this? I've been getting a lot of "relay tests" of late some look legit (AOL seems to be scanning for open relays) and some like this one look bogus (why would joymail.com use a pac-bell DSL account?) John
Date: Tue, 31 Oct 2000 15:35:09 -0800 (PST) Subject: Postfix SMTP server: errors from adsl-216-102-218-162.dsl.snfc21.pacbell.net[216.102.218.162] Transcript of session follows. Out: 220 gatekeeper.cloudview.com ESMTP Postfix In: HELO Scanner Out: 250 gatekeeper.cloudview.com In: MAIL FROM: abusecheck () joymail com Out: 250 Ok In: RCPT TO: mailservers () joymail com Out: 554 <mailservers () joymail com>: Recipient address rejected: Relay access denied Session aborted, reason: lost connection
John Pettitt Email: jpp () cloudview com To the optimist, the glass is half full. To the pessimist, the glass is half empty. To the engineer, the glass is twice as big as it needs to be. To the plumber, any liquid in the glass is potential income. PGP keys on MIT & pgp.com servers. Fingerprint: 81B5 446D 3E0E 1CDE 5A45 644A A744 54C4 7886 3658
Current thread:
- Fishing for open relays John Pettitt (Nov 02)
- <Possible follow-ups>
- Re: Fishing for open relays Brett Glass (Nov 05)