[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] email attack?

Subject: Re: [cobalt-users] email attack?
From: Charlie Clemmer <cclemmer@xxxxxxxxxxxxxxxxxx>
Date: Sun Jul 27 09:44:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

At 10:35 AM 7/27/2003 -0400, you wrote:

For the past few days we have seen a HUGE number of messages addressed to a
couple of bogus names on one domain:
lauren@xxxxxxxxxx
geraldine@xxxxxxxxxx
erin@xxxxxxxxxx
Each message seems to originate from a different relay, and with each
message a "No such user" is returned.  Is this part of a known exploit?
Should I create an account in one of these names to see what's in the
message?  Is there a better way to stop these since I can't use ipchains to
deny the 1000s of different relays on which these are arriving?

I don't get huge numbers of those, but I do get some. Me being paranoid, Ihave a catchall set up that routes these to /dev/null, so while it does usebandwidth since whatever message they are sending gets accepted, it getsdeleted here, and the sender doesn't know for sure whether that user nameexists or not.



--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

Follow-Ups:
- Re: [cobalt-users] email attack?
  - From: Paul Warner

References:
- [cobalt-users] email attack?
  - From: Paul Warner

Prev by Date: RE: [cobalt-users] email attack?
Next by Date: Re: [cobalt-users] email attack?
Previous by thread: RE: [cobalt-users] email attack?
Next by thread: Re: [cobalt-users] email attack?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index