[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] spam exploits
- Subject: RE: [cobalt-users] spam exploits
- From: "Manny Tau" <mtau@xxxxxxx>
- Date: Fri Apr 11 15:28:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
This is the last entry of many, from my mail log today:
Apr 11 12:33:18 www sendmail[8267]: h3BJXF508267:
from=<falk_grosswig@xxxxxxx>, size=1097, class=0, nrcpts=1,
msgid=<000003e46fa5$00003428$000060cb@xxxxxxxxxxxxxxxxxxxxxxxxxxx>,
proto=SMTP, daemon=MTA, relay=[66.159.211.40]
Apr 11 12:33:19 www sendmail[8246]: h3BJXD508243:
to=<hustleman2000@xxxxxxxxxxx>, delay=00:00:06, xdelay=00:00:05,
mailer=esmtp, pri=31451, relay=mx3.hotmail.com. [65.54.254.140], dsn=5.1.1,
stat=User unknown
Apr 11 12:33:20 www sendmail[8270]: h3BJXH508270: from=<fbernal@xxxxxxx>,
size=1435, class=0, nrcpts=1,
msgid=<000034f52dc8$00004c10$00007719@xxxxxxxxxxxxxxxxxxxxxxxxxxx>,
proto=ESMTP, daemon=MTA, relay=[66.159.211.40]
So I see that relay=66.159.211.69 is the culprit?
My IP is close to that ...
Manny
-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Dan Kriwitsky
Sent: Friday, April 11, 2003 3:16 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-users] spam exploits
> Exploited, meaning that an unauthorized person is using my
> email/webserver to relay their spams...USA.net responded
> saying that the sender's email is spoofed, actually, here's
> the message:
What does your maillog say? Are you sure it's being relayed through your
server?
--
C2003 Dan Kriwitsky
Please reply to the list only. Off list replies are not read.
_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users