Re: AW: [Exim] Interesting "attack" on my exim server...

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Daniel Seehof
CC: exim-users
Subject: Re: AW: [Exim] Interesting "attack" on my exim server...
On Thu, 22 Aug 2002, Daniel Seehof wrote:

> Hi,
>
> > I've been getting a "dictionary" attack on one of the domains I
> > host - checking all possible names for email addresses - ...,
> greg@???, gregg@???,
> > gregh@???, ..., george@???, ...
>
> I'm getting the same kind of attack for about six months now.


I beleive there is at least one variant of the W32.Klez out there that,
as it forges the senders address, tries to use the MX for the sender's
domain to relay the message.


>
> > The attacks are coming from 200.231.206.0/24 (several dozen hosts)
>
> My attacks are coming from round about twelve-thousand different hosts.
>
> > just 1 domain out of dozens, how strange...
>
> Same here.
>
> Cheers DANIEL
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>