Security Incidents mailing list archives
RE: Excess SMTP traffic to non-mail host
From: "NESTING, DAVID M (SBCSI)" <dn3723 () sbc com>
Date: Wed, 27 Mar 2002 10:51:11 -0600
Keep in mind that a steady, constant flow of e-mail traffic, depending upon the configuration of the originating MTA, could show a steady increase in the number of connections, since a transient SMTP error will result in periodic retries. It almost sounds like some spammers got ahold of an "open relay" list that indicated (incorrectly, apparently) that this IP address was an open relay. David ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Excess SMTP traffic to non-mail host Basil Hussain (Mar 27)
- Re: Excess SMTP traffic to non-mail host dr john halewood (Mar 27)
- Re: Excess SMTP traffic to non-mail host Chris Wilkes (Mar 27)
- <Possible follow-ups>
- RE: Excess SMTP traffic to non-mail host NESTING, DAVID M (SBCSI) (Mar 27)