Re: [Exim] (no subject)

Pàgina inicial
Aquest missatge és part del següent fil:
Ml'arbre de fils complet ordenat per data
MDave C. en <-
MMAdam Moffett en ->
Delete this message
Reply to this message
Autor: Tom Samplonius
Data:  
A: Dave C.
CC: exim-users
Assumpte: Re: [Exim] (no subject)
On Sat, 5 Oct 2002, Dave C. wrote:

> Is anyone else getting TONS of connections from seemingly random IP
> addresses, all giving a HELO (something random).optprofessionals.com,
> trying to send to tons of addresses. As it happens, the MAIL FROM they
> are using is invalid, so we reject the messages, but there are like a
> hundred or more simultaneous connections coming in at once, each one
> wading its way thruough thousands of recipients - and they dont give
> up either - I kill all of the processes off, and they come back
> knocking on my SMTP port in less than an hour...
>
> Anyone else seeing these?
...

I've seen this sort of thing before. Usually, I just find the IP block
the sending servers are in, and put that in a host reject entry.

For instance, flonetworks (a supposedly legitimate mass-mail company)
used to have a bug in their custom written SMTP delivery software and it
would get confused when reading certain responses from Exim. At that
point flonetworks had between 10 servers sending e-mail, and each one
would have 10 to 15 connections open. I just blocked their network, and
complained to their upstream.

Tom



Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [Exim] Text for :fail:[Exim] exim, SA, SA-exim and CJK->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)