lamers looking for relays
ronnie gauthier
ronnieg
Mon May 17 11:35:22 PDT 2004
The spam vigilanties are as bad as the spammers themselves. They are scanning when and where they want and blocking without probable cause. They also refuse to unblock legitimate addresses because they are within a block owned by spam tollerant service providers. Their answer is to tell you to move to another provider and you are staying blocked. I know it can cut down on spam but I just have no use for assholes who act as god without also being able to walk on water and feed the homeless multitudes.
On Thu, 25 Jul 2002 14:37:12 -0700
Bill Campbell <bill at celestial.com> wrote:
On Thu, Jul 25, 2002 at 05:06:24PM -0400, Sys Admin wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Been seeing a *ton* of these lately... watch your machines folks..
The njabl.org folks are taking over where ORBS and friends left off,
scanning machines for relays without any reason other than they can (e.g.
they haven't any spam from the systems to justify a relay test).
That isn't to say that there aren't a buttload of spammers looking for open
relays, we see hundreds of attempts per day in our smail-3.2 logs (which we
enter in our local RBL to prevent them from ever sending anything to our
servers in the future).
The best open relay I know of is relays.visi.com. They only list sites
that have actually sent spam. We forward several hundred IP addresses a
day to them from our spamtraps. They then do a test to verify that the
host is truly an open relay, and list them appropriately. We block about
100,000 connections a day, 75,000 of which are listed by them.
>Security Violations
>=-=-=-=-=-=-=-=-=-=
>Jul 25 01:28:50 linux-sxs sendmail[21072]: g6P5Snrw021072:
> ruleset=check_rcpt, arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:51
> linux-sxs sendmail[21072]: g6P5Snrx021072: ruleset=check_rcpt,
> arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:51
> linux-sxs sendmail[21072]: g6P5Sns0021072: ruleset=check_rcpt,
> arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:51
> linux-sxs sendmail[21072]: g6P5Sns1021072: ruleset=check_mail,
> arg1=<relaytestsend>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=553 5.5.4 <relaytestsend>... Domain name required for sender address
> relaytestsend Jul 25 01:28:51 linux-sxs sendmail[21072]: g6P5Sns2021072:
> ruleset=check_mail, arg1=<relaytestsend at localhost>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=553 5.5.4 <relaytestsend at localhost>... Real domain name required for
> sender address Jul 25 01:28:52 linux-sxs sendmail[21072]: g6P5Sns3021072:
> ruleset=check_rcpt, arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:52
> linux-sxs sendmail[21072]: g6P5Sns4021072: ruleset=check_rcpt,
> arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:52
> linux-sxs sendmail[21072]: g6P5Sns5021072: ruleset=check_rcpt,
> arg1=<relaytest at rr.njabl.org>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest at rr.njabl.org>... Relaying denied Jul 25 01:28:52
> linux-sxs sendmail[21072]: g6P5Sns6021072: ruleset=check_rcpt,
> arg1=<relaytest%rr.njabl.org at ESMTP>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest%rr.njabl.org at ESMTP>... Relaying denied Jul 25
> 01:28:53 linux-sxs sendmail[21072]: g6P5Sns8021072: ruleset=check_rcpt,
> arg1=<relaytest%rr.njabl.org at ESMTP>,
> relay=IDENT:+dX7vjBJCCo91k5FlbhRmGn5AWiziDBO at rt.njabl.org [209.208.0.15],
> reject=550 5.7.1 <relaytest%rr.njabl.org at ESMTP>... Relaying denied
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.0.7 (GNU/Linux)
>
>iD8DBQE9QGhQSrrWWknCnMIRAhylAKDUEE0eKUmxknB6tdOyYtAtb/nygQCgrigz
>tCCTPqp/M6XxrYLLbYeprG4=
>=aiTX
>-----END PGP SIGNATURE-----
>
>
>_______________________________________________
>Linux-users mailing list - http://linux-sxs.org/mailman/listinfo/linux-users
>Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
>
--
Bill
--
INTERNET: bill at Celestial.COM Bill Campbell; Celestial Software LLC
UUCP: camco!bill PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/
Government spending? I don't know what it's all about. I don't know
any more about this thing than an economist does, and, God knows, he
doesn't know much.
-- Will Rogers
_______________________________________________
Linux-users mailing list - http://linux-sxs.org/mailman/listinfo/linux-users
Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
More information about the Linux-users
mailing list