[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] email attack?

Subject: RE: [cobalt-users] email attack?
From: "Dan Kriwitsky" <list1@xxxxxxxxxxxxxxxxxxxx>
Date: Sun Jul 27 08:00:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> For the past few days we have seen a HUGE number of messages 
> addressed to a couple of bogus names on one domain: 
> lauren@xxxxxxxxxx geraldine@xxxxxxxxxx erin@xxxxxxxxxx Each 
> message seems to originate from a different relay, and with 
> each message a "No such user" is returned.  Is this part of a 
> known exploit?

Google for spam dictionary attack.

> Should I create an account in one of these 
> names to see what's in the message?

If you want to send complaints, but you would probably need a catchall
to do that. Right now you're saving bandwidth by rejecting them.

>  Is there a better way to 
> stop these since I can't use ipchains to deny the 1000s of 
> different relays on which these are arriving?

Install one of the Sendmail based DNSBL features detailed in other posts
in the archives or just Google for Sendmail feature DNSBL.

-- 
C2003 Dan Kriwitsky

Please reply to the list only. Off list replies are not read.

References:
- [cobalt-users] email attack?
  - From: Paul Warner

Prev by Date: [cobalt-users] email attack?
Next by Date: Re: [cobalt-users] email attack?
Previous by thread: [cobalt-users] email attack?
Next by thread: Re: [cobalt-users] email attack?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index