[Exim] Re: Attacker?? odd log entry (repeatedly but not ste…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMGreg Ward at <-
 
Delete this message
Reply to this message
Author: Suresh Ramasubramanian
Date:  
To: exim-users
Subject: [Exim] Re: Attacker?? odd log entry (repeatedly but not steadily)
+++ John W Baxter [17/10/02 12:20 -0700]:
> server. Does the log entry mean that 134.39.36.217 is using HELO/EHLO
> smtp.olympus.net ?

yes

> 2002-10-17 09:26:58 SMTP call from (smtp.olympus.net) [134.39.36.217]
> dropped: too many unrecognized commands

Most likely an open proxy, and it is sending across HTTP headers along with
all the SMTP when a spammer connects through it to send spam to your users.

Just block it. 

    -suresh



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] [patch] A few minor fixes/improvements.[Exim] Re: A few minor fixes/improvements.->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)