[NTLUG:Discuss] alert from sendmail

Greg Edwards greg at nas-inet.com
Mon Apr 26 01:26:43 CDT 2004


Tom McDonald wrote:
> 
> Greg,
> 
> The message header has an ID# 834a01c42a54$5dee0a3a$bea840ad at stagnum.fr
> which is where the message originated.  It looks like a consulting house
> in Paris. Even though I have done some French things, I can't read
> it...   :')
> 
> I know a lot of the spammers are operating out of Russia now because of
> laws like in California, and theres a ton of open relays in the orient. 
> They solicit email ad campaigns, then if a business signs up they send
> the info to Russia, and they do the spamming from there, of course they
> use the open relays to bounce the spam around a little so you can't
> trace it back...
> 
> I think it's an attempt to get your MTA to relay the message that
> originated in France, then was relayed at least in Korea, with a phony
>>From line from Russia, and your MX took it as an attack... Without
> knowing your MTA and config it would be hard to say.
> 
> Tom
> 
> 
> ----
> 
> Tom McDonald <tom at compuclaim.com>
> Compuclaim Inc.
> 

 From everything I can figure whatever it was trying didn't go anywhere. 
  I use that old dinosaur sendmail ;)

Thanks for the feedback.

-- 
Greg Edwards

Hosted Websites from New Age Software - http://www.nas-inet.com
   Anime, Manga, Lady Amaya - http://roseofcreation.nas-inet.com
   Coppell Texas            - http://coppell.nas-inet.com
   Software Engineering     - http://consult.nas-inet.com




More information about the Discuss mailing list