nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: example.com/net/org DNS records

From: Roger Marquis <marquis () roble com>
Date: Sun, 4 Jan 2004 17:15:55 -0800 (PST)

On Mon, 5 Jan 2004, Suresh Ramasubramanian wrote:

What spam did you see that forged example.* in the sender envelope / rDNS?


reject: RCPT from 123-58-189-66.wo.cpe.charter-ne.com[66.189.58.123]: 554 <tested.from.204.69.218.218 () example com>: 
Recipient address rejected: Relay access denied; from=<> to=<tested.from.204.69.218.218 () example com>
reject: RCPT from 123-58-189-66.wo.cpe.charter-ne.com[66.189.58.123]: 554 <tested.from.204.69.218.218 () example com>: 
Recipient address rejected: Relay access denied; from=<> to=<tested.from.204.69.218.218 () example com>
reject: RCPT from 123-58-189-66.wo.cpe.charter-ne.com[66.189.58.123]: 554 <tested.from.66.207.192.254 () example com>: 
Recipient address rejected: Relay access denied; from=<> to=<tested.from.66.207.192.254 () example com>
reject: RCPT from unknown[195.219.161.18]: 504 <sss>: Helo command rejected: need fully-qualified hostname; from=<sss 
() example com> to=<sssx () example com>
reject: RCPT from 123-58-189-66.wo.cpe.charter-ne.com[66.189.58.123]: 554 <tested.from.172.153.194.136 () example com>: 
Recipient address rejected: Relay access denied; from=<> to=<tested.from.172.153.194.136 () example com>
reject: RCPT from 123-58-189-66.wo.cpe.charter-ne.com[66.189.58.123]: 554 <tested.from.172.153.194.136 () example com>: 
Recipient address rejected: Relay access denied; from=<> to=<tested.from.172.153.194.136 () example com>
reject: RCPT from adsl-65-66-178-75.dsl.snantx.swbell.net[65.66.178.75]: 554 <vic () victim com>: Recipient address 
rejected; from=<pekon () example com> to=<vic () victim com> proto=SMTP helo=<compuserve.com>
warning: 213.230.38.5: hostname reserved-multicast-range-NOT-delegated.example.com verification failed: Host not found
reject: RCPT from cmailg1.svr.pol.co.uk[195.92.195.171]: 554 <cmailg1.svr.pol.co.uk[195.92.195.171]>: Client host 
rejected: Access denied; from=<thetoptenwebs () www example com> to=<vic () victim com>
reject: RCPT from lsanca2-ar24-4-62-187-078.lsanca2.dsl-verizon.net[4.62.187.78]: 554 Service unavailable; Client host 
[4.62.187.78] blocked using bl.spamcop.net; Blocked - see http://spamcop.net/bl.shtml?4.62.187.78; from=<bclark () 
dummy-host example com> to=<commsec () victim com> proto=SMTP helo=<compuserve.com>
reject: RCPT from 12-252-121-69.client.attbi.com[12.252.121.69]: 554 Service unavailable; Client host [12.252.121.69] 
blocked using bl.spamcop.net; Blocked - see http://spamcop.net/bl.shtml?12.252.121.69; from=<hashao () example com> 
to=<wotan () victim com> proto=SMTP helo=<aol.com>
reject: RCPT from unknown[219.234.9.254]: 554 Service unavailable; Client host [219.234.9.254] blocked using 
bl.spamcop.net; Blocked - see http://spamcop.net/bl.shtml?219.234.9.254; from=<gorgo () dummy-host example com> 
to=<lindalu1 () victim com> proto=SMTP helo=<rambler.ru>
reject: RCPT from unknown[166.104.200.92]: 554; Client host [166.104.200.92] blocked using bl.spamcop.net; Blocked - 
see http://spamcop.net/bl.shtml?166.104.200.92; from=<cbaoqiu () dummy-host example com> to=<vic () victim com> 
proto=SMTP helo=<microsoft.com>
reject: RCPT from host202-60.pool21759.interbusiness.it[217.59.60.202]: 554 Service unavailable; Client host 
[host202-60.pool21759.interbusiness.it] blocked; from=<tasminahmad () dummy-host example com> to=<pacgermany () victim 
com> proto=SMTP helo=<mailserv>
reject: RCPT from c-66-229-245-245.we.client2.attbi.com[66.229.245.245]: 554; Client host [66.229.245.245] blocked 
using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?66.229.245.245; from=<bcwekjfeg () example com> 
to=<brad () victim com> proto=SMTP helo=<c-66-229-245-245.we.client2.attbi.com>
reject: RCPT from c-66-229-245-245.we.client2.attbi.com[66.229.245.245]: 554; Client host [66.229.245.245] blocked 
using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?66.229.245.245; from=<bcwekjfeg () example com> 
to=<freekje () victim com> proto=SMTP helo=<c-66-229-245-245.we.client2.attbi.com>
reject: RCPT from flandre-1-81-57-169-89.fbx.proxad.net[81.57.169.89]: 554; Client host [81.57.169.89] blocked using 
bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?81.57.169.89; from=<jwxplalp () hinmavzgv example net> 
to=<daemon () victim com> proto=SMTP helo=<flandre-1-81-57-169-89.fbx.proxad.net>
reject: RCPT from unknown[61.105.251.12]: 554 Service unavailable; Client host [61.105.251.12] blocked using 
bl.spamcop.net; Blocked - see http://spamcop.net/bl.shtml?61.105.251.12; from=<rosalia () faun example org> to=<jon () 
victim com> proto=SMTP helo=<microsoft.com>
reject: RCPT from ool-182f3f56.dyn.optonline.net[24.47.63.86]: 554 Service unavailable; Client host [24.47.63.86] 
blocked using bl.spamcop.net; Blocked - see http://spamcop.net/bl.shtml?24.47.63.86; from=<lippmann () example org> 
to=<e.retsia () victim com> proto=SMTP helo=<compuserve.com>
reject: RCPT from mrdn-01-25.dialup.netins.net[207.177.98.90]: 504 <sss>: Helo command rejected: need fully-qualified 
hostname; from=<sss () example com> to=<sssx () example com>
reject: RCPT from 13-156.ae.cgocable.ca[24.122.13.156]: 554; Client host [24.122.13.156] blocked using cbl.abuseat.org; 
Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=24.122.13.156; from=<alrwv236h () example org> to=<agodoy () victim 
com> proto=SMTP helo=<13-156.ae.cgocable.ca>
...
Previous By Date Next
Previous By Thread Next

Current thread: