Date: Mon, 25 May 1998 10:28:45 -0700 (PDT) From: David Babler <dbabler@Rigel.orionsys.com> To: Karl Pielorz <kpielorz@tdx.co.uk> Cc: isp@FreeBSD.ORG Subject: Re: SMTP Relay probing - Should I follow up - advice? Message-ID: <Pine.BSF.3.96.980525101524.27171W-100000@Rigel.orionsys.com> In-Reply-To: <35695091.FE0ACF50@tdx.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 25 May 1998, Karl Pielorz wrote: > Hi All, > > This isn't strictly FreeBSD relates, but it is very ISP related... > > I've just checked through my morning security logs, and suprise, suprise our > entire address space was scanned again lastnight for SMTP relays... Theres > loads of firewall logs for SMTP connects to machines we don't allow SMTP to, > and on the machines we do allow SMTP to - in the logs are loads of sendmail > catches for 'Relaying Unavailable' (the message we send to people trying to > relay)... > > My question is - I have the IP address these came from, they are a Spamming > Company by the look of it, and to be honest I'm sick of this sort of > thing... What is the domain and what is their IP? If it was me, I'd block all contacts from their IP at the connection stage if they were doing this on purpose. Complaining to their upstream MIGHT do something, but don't hold your breath. A few relaying denied entries are expected, since many of us (people who have to deal daily with spam) run relay-checking contacts on hosts to determine if the mail host in question relays. But this sounds like a collection run for open relays. If the domain doing the scanning is in the "business" of selling spamware and/or mailing lists, they have no conscience, ethics or morals to begin with - if this is a spammer using a domain to scan for open relays, nail his butt. > I'm just annoyed a company that obviously has set out to specialise in > spam/electronic mailing lists doesn't even use it's own servers to send the > damned stuff out... Of *course* they don't use their own servers... why PAY for a service you can steal? Or be blocked at the source. I really wish somebody would sue the scumbags that produce spam-spewer software for theft of services and conspiracy to defraud. Probes like this, if they come from a known bulk-mailer producer, tend to confirm the suspicion that this crap comes with some sort of list of exploitable open relays and so is promoting theft. -Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980525101524.27171W-100000>