[Full-disclosure] Funny smtp helo in the logs

From: Aditya Deshmukh (aditya.deshmukh_at_online.gateway.strangled.net)
Date: 10/30/05

    To: <full-disclosure@lists.grok.org.uk>
    Date: Sun, 30 Oct 2005 12:39:52 +0530
    
    

    I have been seeing this in my logs across all the public SMTP servers,
    from all over the net.

    Anyone know what sends these kinds of HELO?

    *please* when responding to this mail trim out anything below this ------

    124 09/10/2005 09:54:35 HELO -1209283632 ---> 250 my.smtp.domain.server
    125 09/10/2005 09:55:27 HELO -1209747464 ---> 250 my.smtp.domain.server
    126 09/10/2005 09:56:01 HELO -1213477808 ---> 250 my.smtp.domain.server
    129 09/10/2005 09:56:47 HELO -1208708888 ---> 250 my.smtp.domain.server
    12A 09/10/2005 09:57:46 HELO -1209957152 ---> 250 my.smtp.domain.server
    131 09/10/2005 10:02:36 HELO -1218370912 ---> 250 my.smtp.domain.server
    134 09/10/2005 10:04:55 HELO -1217834696 ---> 250 my.smtp.domain.server
    135 09/10/2005 10:05:36 HELO -1217676688 ---> 250 my.smtp.domain.server
    137 09/10/2005 10:06:23 HELO -1218157032 ---> 250 my.smtp.domain.server
    13A 09/10/2005 10:06:57 HELO -1216091056 ---> 250 my.smtp.domain.server
    13B 09/10/2005 10:07:35 HELO -1216184136 ---> 250 my.smtp.domain.server
    13C 09/10/2005 10:08:13 HELO -1217914984 ---> 250 my.smtp.domain.server
    13D 09/10/2005 10:08:40 HELO -1209896648 ---> 250 my.smtp.domain.server
    13E 09/10/2005 10:09:43 HELO -1213166296 ---> 250 my.smtp.domain.server
    13F 09/10/2005 10:10:35 HELO -1213642136 ---> 250 my.smtp.domain.server
    140 09/10/2005 10:11:16 HELO -1209605968 ---> 250 my.smtp.domain.server
    006 11/10/2005 08:43:45 HELO -1212929616 ---> 250 my.smtp.domain.server
    008 11/10/2005 08:44:26 HELO -1214982448 ---> 250 my.smtp.domain.server
    009 11/10/2005 08:46:07 HELO -1215268000 ---> 250 my.smtp.domain.server
    00A 11/10/2005 08:47:06 HELO -1214871440 ---> 250 my.smtp.domain.server
    00B 11/10/2005 08:49:16 HELO -1215063696 ---> 250 my.smtp.domain.server
    00C 11/10/2005 08:50:12 HELO -1215031936 ---> 250 my.smtp.domain.server
    00D 11/10/2005 08:50:55 HELO -1213038648 ---> 250 my.smtp.domain.server
    010 11/10/2005 08:52:09 HELO -1212896896 ---> 250 my.smtp.domain.server
    014 11/10/2005 08:53:48 HELO -1212788072 ---> 250 my.smtp.domain.server
    016 11/10/2005 09:00:02 HELO -1213862536 ---> 250 my.smtp.domain.server
    017 11/10/2005 09:00:44 HELO -1216032616 ---> 250 my.smtp.domain.server
    005 20/10/2005 17:55:02 HELO -1208757800 ---> 250 my.smtp.domain.server
    006 20/10/2005 17:55:43 HELO -1208466864 ---> 250 my.smtp.domain.server
    009 20/10/2005 17:57:38 HELO -1208425264 ---> 250 my.smtp.domain.server
    00A 20/10/2005 17:58:36 HELO -1209153048 ---> 250 my.smtp.domain.server
    00B 20/10/2005 17:59:21 HELO -1208221040 ---> 250 my.smtp.domain.server
    00C 20/10/2005 18:00:16 HELO -1209204568 ---> 250 my.smtp.domain.server
    00F 20/10/2005 18:01:36 HELO -1209432360 ---> 250 my.smtp.domain.server
    027 20/10/2005 18:56:40 HELO -1208740112 ---> 250 my.smtp.domain.server
    21E 25/10/2005 04:52:01 HELO -1208817024 ---> 250 my.smtp.domain.server
    21F 25/10/2005 04:53:06 HELO -1207974056 ---> 250 my.smtp.domain.server
    220 25/10/2005 04:55:26 HELO -1208954808 ---> 250 my.smtp.domain.server
    221 25/10/2005 04:56:07 HELO -1208091560 ---> 250 my.smtp.domain.server
    222 25/10/2005 04:56:46 HELO -1215556832 ---> 250 my.smtp.domain.server
    223 25/10/2005 04:57:16 HELO -1208017712 ---> 250 my.smtp.domain.server
    224 25/10/2005 04:58:03 HELO -1208351328 ---> 250 my.smtp.domain.server
    227 25/10/2005 04:58:58 HELO -1215519416 ---> 250 my.smtp.domain.server
    228 25/10/2005 04:59:46 HELO -1208139640 ---> 250 my.smtp.domain.server
    229 25/10/2005 05:01:10 HELO -1208158800 ---> 250 my.smtp.domain.server
    22A 25/10/2005 05:01:53 HELO -1208056904 ---> 250 my.smtp.domain.server
    22C 25/10/2005 05:03:06 HELO -1215816112 ---> 250 my.smtp.domain.server
    22D 25/10/2005 05:04:31 HELO -1216238864 ---> 250 my.smtp.domain.server
    22E 25/10/2005 05:05:15 HELO -1208157944 ---> 250 my.smtp.domain.server
    22F 25/10/2005 05:05:58 HELO -1215473168 ---> 250 my.smtp.domain.server
    230 25/10/2005 05:06:56 HELO -1208746080 ---> 250 my.smtp.domain.server
    231 25/10/2005 05:08:36 HELO -1209142096 ---> 250 my.smtp.domain.server
    232 25/10/2005 05:09:09 HELO -1210509584 ---> 250 my.smtp.domain.server
    233 25/10/2005 05:10:34 HELO -1210106016 ---> 250 my.smtp.domain.server
    234 25/10/2005 05:12:10 HELO -1210964032 ---> 250 my.smtp.domain.server
    235 25/10/2005 05:12:48 HELO -1209218672 ---> 250 my.smtp.domain.server
    127 26/10/2005 02:42:59 HELO -1212817800 ---> 250 my.smtp.domain.server
    128 26/10/2005 02:43:32 HELO -1212894352 ---> 250 my.smtp.domain.server
    129 26/10/2005 02:43:45 HELO -1213176336 ---> 250 my.smtp.domain.server
    12C 26/10/2005 02:44:19 HELO -1212856784 ---> 250 my.smtp.domain.server
    12D 26/10/2005 02:45:29 HELO -1212385064 ---> 250 my.smtp.domain.server
    12E 26/10/2005 02:47:31 HELO -1212692064 ---> 250 my.smtp.domain.server
    12F 26/10/2005 02:48:06 HELO -1212321816 ---> 250 my.smtp.domain.server
    130 26/10/2005 02:49:10 HELO -1212623592 ---> 250 my.smtp.domain.server
    133 26/10/2005 02:50:18 HELO -1212715008 ---> 250 my.smtp.domain.server
    134 26/10/2005 02:51:56 HELO -1213191480 ---> 250 my.smtp.domain.server
    135 26/10/2005 02:53:14 HELO -1215251304 ---> 250 my.smtp.domain.server
    136 26/10/2005 02:53:54 HELO -1213168152 ---> 250 my.smtp.domain.server
    139 26/10/2005 02:54:38 HELO -1213098480 ---> 250 my.smtp.domain.server
    13A 26/10/2005 02:54:56 HELO -1215171192 ---> 250 my.smtp.domain.server
    13B 26/10/2005 02:55:10 HELO -1213084280 ---> 250 my.smtp.domain.server
    177 26/10/2005 19:57:28 HELO -1216200896 ---> 250 my.smtp.domain.server
    17A 26/10/2005 19:59:01 HELO -1207992480 ---> 250 my.smtp.domain.server
    17B 26/10/2005 20:02:31 HELO -1211560072 ---> 250 my.smtp.domain.server
    17F 26/10/2005 20:06:36 HELO -1208756616 ---> 250 my.smtp.domain.server
    032 28/10/2005 01:00:43 HELO -1214666072 ---> 250 my.smtp.domain.server
    033 28/10/2005 01:01:58 HELO -1215103808 ---> 250 my.smtp.domain.server
    037 28/10/2005 01:02:54 HELO -1210480056 ---> 250 my.smtp.domain.server
    011 29/10/2005 10:07:56 HELO -1213097304 ---> 250 my.smtp.domain.server
    013 29/10/2005 10:08:02 HELO -1213097304 ---> 250 my.smtp.domain.server
    014 29/10/2005 10:08:48 HELO -1212378832 ---> 250 my.smtp.domain.server
    015 29/10/2005 10:09:28 HELO -1212721112 ---> 250 my.smtp.domain.server
    016 29/10/2005 10:10:22 HELO -1212261992 ---> 250 my.smtp.domain.server
    019 29/10/2005 10:10:42 HELO -1212651928 ---> 250 my.smtp.domain.server
    021 29/10/2005 20:29:43 HELO -1208811104 ---> 250 my.smtp.domain.server
    022 29/10/2005 20:31:30 HELO -1208767504 ---> 250 my.smtp.domain.server
    023 29/10/2005 20:32:06 HELO -1208784160 ---> 250 my.smtp.domain.server
    024 29/10/2005 20:32:54 HELO -1208772024 ---> 250 my.smtp.domain.server
    027 29/10/2005 20:33:45 HELO -1208855080 ---> 250 my.smtp.domain.server
    028 29/10/2005 20:35:40 HELO -1208959112 ---> 250 my.smtp.domain.server
    029 29/10/2005 20:37:17 HELO -1208772552 ---> 250 my.smtp.domain.server
    02A 29/10/2005 20:38:09 HELO -1208763176 ---> 250 my.smtp.domain.server
    02D 29/10/2005 20:39:12 HELO -1208865784 ---> 250 my.smtp.domain.server
    017 30/10/2005 11:21:26 HELO -1216191992 ---> 250 my.smtp.domain.server

    ________________________________________________________________________
    Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
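
Added example, not part of the original post: a small log check for the pattern shown above, which parses lines in the posted layout and flags accepted greetings whose HELO argument is a bare integer rather than a domain name or address literal (the forms RFC 5321 allows). The regular expressions, function names and the last two sample lines are assumptions constructed for illustration; the unsigned 32-bit hex view is only an aid for grouping values.

```python
import re

# Layout in the posted log: <id> <dd/mm/yyyy> <hh:mm:ss> HELO <arg> ---> <reply>
LINE_RE = re.compile(
    r"^\s*(?P<id>[0-9A-F]{3})\s+(?P<when>\d{2}/\d{2}/\d{4}\s+\d{2}:\d{2}:\d{2})\s+"
    r"(?:HELO|EHLO)\s+(?P<arg>\S+)\s+--->\s+(?P<code>\d{3})\b"
)
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
DOMAIN_RE = re.compile(rf"^{LABEL}(?:\.{LABEL})*$")
LITERAL_RE = re.compile(r"^\[[0-9A-Za-z:.]+\]$")  # loose address-literal shape
INT_RE = re.compile(r"^-?\d+$")

# First three lines are from the post; the last two are constructed for contrast.
SAMPLE = """\
124 09/10/2005 09:54:35 HELO -1209283632 ---> 250 my.smtp.domain.server
011 29/10/2005 10:07:56 HELO -1213097304 ---> 250 my.smtp.domain.server
013 29/10/2005 10:08:02 HELO -1213097304 ---> 250 my.smtp.domain.server
141 09/10/2005 09:58:10 HELO mail.example.org ---> 250 my.smtp.domain.server
142 09/10/2005 09:59:03 EHLO [192.0.2.25] ---> 250 my.smtp.domain.server
""".splitlines()

def classify(arg):
    """Bucket a HELO/EHLO argument by syntax; integers are checked first."""
    if INT_RE.match(arg):
        return "integer"
    if LITERAL_RE.match(arg):
        return "address-literal"
    if DOMAIN_RE.match(arg):
        return "domain" if "." in arg else "bare-label"
    return "malformed"

def as_u32_hex(arg):
    """Show a decimal integer as an unsigned 32-bit value, for grouping."""
    return f"0x{int(arg) & 0xFFFFFFFF:08X}"

def scan(lines):
    """Return one finding per accepted (2xx) greeting with a non-name argument."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["code"].startswith("2"):
            continue
        kind = classify(m["arg"])
        if kind in ("integer", "malformed"):
            u32 = as_u32_hex(m["arg"]) if kind == "integer" else None
            findings.append({"id": m["id"], "when": m["when"], "arg": m["arg"], "kind": kind, "u32": u32})
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f)
```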

