RE: 1000s of SMTP RCPT TO overflow and Speedera Pings

["Robert Schwartz" <robert () mrsquirrel com>]

> I don't know if this will apply to your data flows, but 
> whenever I see SMTP RCPT TO OVERFLOW alert, it indicates an 
> open SMTP relay.  Please disregard if this offends or does 
> not apply, but you may check the configuration of the 
> destination host to ensure that it is not relaying SPAM.

Or it indicates that you have a basic ESMTP host that's relaying
properly but uses pipelining for stuff like high volume mailing lists
(ahem) :)  Although it's always good to verify your relay-sanity.

The word in the archives is that this is an old Lotus Notes exploit, so
if the archives are correct, disable it unless you have an ancient Lotus
Notes system hooked directly up to the Internet.  If you do have one,
then "upgrade" it with a hammer...





-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users