[NTLUG:Discuss] alert from sendmail
Greg Edwards
greg at nas-inet.com
Mon Apr 26 01:26:43 CDT 2004
Tom McDonald wrote:
>
> Greg,
>
> The message header has an ID# 834a01c42a54$5dee0a3a$bea840ad at stagnum.fr
> which is where the message originated. It looks like a consulting house
> in Paris. Even though I have done some French things, I can't read
> it... :')
>
> I know a lot of the spammers are operating out of Russia now because of
> laws like in California, and theres a ton of open relays in the orient.
> They solicit email ad campaigns, then if a business signs up they send
> the info to Russia, and they do the spamming from there, of course they
> use the open relays to bounce the spam around a little so you can't
> trace it back...
>
> I think it's an attempt to get your MTA to relay the message that
> originated in France, then was relayed at least in Korea, with a phony
>>From line from Russia, and your MX took it as an attack... Without
> knowing your MTA and config it would be hard to say.
>
> Tom
>
>
> ----
>
> Tom McDonald <tom at compuclaim.com>
> Compuclaim Inc.
>
From everything I can figure whatever it was trying didn't go anywhere.
I use that old dinosaur sendmail ;)
Thanks for the feedback.
--
Greg Edwards
Hosted Websites from New Age Software - http://www.nas-inet.com
Anime, Manga, Lady Amaya - http://roseofcreation.nas-inet.com
Coppell Texas - http://coppell.nas-inet.com
Software Engineering - http://consult.nas-inet.com
More information about the Discuss
mailing list