[SATLUG] Possible Email Attacks
Geoff
geoff at w5omr.shacknet.nu
Tue Nov 13 13:13:52 CST 2007
Jonathan Hull wrote:
> I would think it is just spam trying to use your server as a bounce. I
> wouldn't worry too much about it seeing as you have relaying blocked.
>
Pretty much the same thing I see here...
Oct 28 21:11:51 w5omr sendmail[14433]: l9T2Bmju014433:
ruleset=check_rcpt,
arg1=smtprctest at gmail.com%cpe-70-113-21-115.satx.res.rr.com,
relay=router.emserv.ru [80.251.112.34], reject=550 5.7.1
smtprctest at gmail.com%cpe-70-113-21-115.satx.res.rr.com... Relaying denied
Oct 28 21:11:52 w5omr sendmail[14433]: l9T2Bmjx014433:
ruleset=check_rcpt, arg1=smtprctest at gmail.com, relay=router.emserv.ru
[80.251.112.34], reject=550 5.7.1 smtprctest at gmail.com... Relaying denied
Nov 2 07:13:54 w5omr sendmail[30562]: lA2CDrvc030562:
ruleset=check_rcpt, arg1=<all9988 at gmail.com>,
relay=203-70-94-46.adsl.dynamic.seed.net.tw [203.70.94.46], reject=550
5.7.1 <all9988 at gmail.com>... Relaying denied
Nov 2 10:55:18 w5omr sendmail[32159]: lA2FtHVx032159:
ruleset=check_rcpt, arg1=<imartnet at gmail.com>,
relay=218-170-53-230.dynamic.hinet.net [218.170.53.230], reject=550
5.7.1 <imartnet at gmail.com>... Relaying denied
Nov 3 11:23:10 w5omr sendmail[9957]: lA3GN4jM009957:
ruleset=check_rcpt, arg1=<hotpost19 at gmail.com>,
relay=VG-4-52.dialup.access.telecore.net.ru [213.135.65.54], reject=550
5.7.1 <hotpost19 at gmail.com>... Relaying denied
Nov 3 19:17:22 w5omr sendmail[13492]: lA40HKgu013492:
ruleset=check_rcpt, arg1=<all9988 at gmail.com>,
relay=203-70-88-151.adsl.dynamic.seed.net.tw [203.70.88.151], reject=550
5.7.1 <all9988 at gmail.com>... Relaying denied
Nov 6 05:09:50 w5omr sendmail[5477]: lA6B9n1G005477:
ruleset=check_rcpt, arg1=<all9988 at gmail.com>,
relay=59-105-9-55.adsl.dynamic.seed.net.tw [59.105.9.55], reject=550
5.7.1 <all9988 at gmail.com>... Relaying denied
Nov 6 06:47:09 w5omr sendmail[6085]: lA6Cl7Qu006085:
ruleset=check_rcpt, arg1=<joe1688_search at yahoo.com.tw>,
relay=125-225-1-32.dynamic.hinet.net [125.225.1.32], reject=550 5.7.1
<joe1688_search at yahoo.com.tw>... Relaying denied
Nov 8 05:46:52 w5omr sendmail[26013]: lA8BkpEb026013:
ruleset=check_rcpt, arg1=<all9988 at gmail.com>,
relay=211-74-14-182.adsl.dynamic.seed.net.tw [211.74.14.182], reject=550
5.7.1 <all9988 at gmail.com>... Relaying denied
Nov 10 05:55:13 w5omr sendmail[13715]: lAABtBDU013715:
ruleset=check_rcpt, arg1=<all9988 at gmail.com>,
relay=59-105-95-157.adsl.dynamic.seed.net.tw [59.105.95.157], reject=550
5.7.1 <all9988 at gmail.com>... Relaying denied
Nov 12 14:07:31 w5omr sendmail[4926]: lACK7R2G004926:
ruleset=check_rcpt, arg1=<candy59839 at yahoo.com.tw>,
relay=59-117-66-144.dynamic.hinet.net [59.117.66.144], reject=550 5.7.1
<candy59839 at yahoo.com.tw>... Relaying denied
Oh, they're out there, no doubt :-)
More information about the SATLUG
mailing list