Re: Mail Issue

[Charles_Ebinger () Lenox com]

Is it possible someone is trying to use your SMTP gateway as a relay server for
SPAM???

Charlie




From: Stephen Malenshek <stephen () valuelinx net> on 07/29/2001 10:55 PM

To:   incidents () securityfocus com
cc:    (bcc: Charles Ebinger/Lenox)
Subject:  Mail Issue



I sent this same information along with the detailed logs to Road Runner, but
I have yet to hear anything back.  In the last 24 hours, my mail server has
denyied over 52,000 messages from this address.  I have added deny lists to
the firewall, but it does not match the addresses listed here.  Does anyone
have any ideas of what is happening here?  Thanks in advance for any
assistance given.



Jul 29 21:39:57 pop3 sendmail[31890]: f6U2duU31890:
from=<ellievowell () hotmail com>, size=0, class=0, nrcpts=0, proto=SMTP,
daemon=MTA, relay=dt181nd1.tampabay.rr.com [24.92.209.209]
Jul 29 21:39:59 pop3 sendmail[31900]: f6U2dwU31900: ruleset=check_rcpt,
arg1=<rstelz () concentric net>, relay=dt181nd1.tampabay.rr.com [24.92.209.209],
reject=550 5.7.1 <rstelz () concentric net>... Relaying denied
Jul 29 21:39:59 pop3 sendmail[31900]: f6U2dwU31900: lost input channel from
dt181nd1.tampabay.rr.com [24.92.209.209] to MTA after rcpt

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com








----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com