Re: SMTP harrasment by nie2.infomail.es?

From: jrlpop@mail.portland.co.uk
Date: 11/26/02

Next message: Aaron Lewis: "RE: wu-ftpd attack ???"

Previous message: Aaron D. Lewis: "wu-ftpd attack ???"
In reply to: Hugo van der Kooij: "SMTP harrasment by nie2.infomail.es?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 26 Nov 2002 08:58:32 +0100
From: "jrlpop@mail.portland.co.uk" <jrlpop@mail.portland.co.uk>
To: Hugo van der Kooij <hvdkooij@vanderkooij.org>

Hugo van der Kooij wrote:

>Hi,
>
>Over the months I get burst of SMTP attempts from nie2.infomail.es that
>seem to indicate a broken SMTP server.
>
>I reject email from them ever since complaints about spam were bounced as
>critical users like postmaster were not present.
>
>However them seem to ignore the SMTP specs and resend messages for a
>period untill they give up. As shown in a sample of my log for the last
>60 minutes alone:
>
>Nov 23 11:47:15 ultra1 sendmail[17464]: gANAlF517464: ruleset=check_relay, arg1=nie2.infomail.es, arg2=195.235.39.19, relay=nie2.infomail.es [195.235.39.19], reject=570 5.0.0 i'm denying smtp sessions from your system - see also http://hvdkooij.xs4all.nl/email.cms
>Nov 23 12:03:03 ultra1 sendmail[17877]: gANB33517877: ruleset=check_relay, arg1=nie2.infomail.es, arg2=195.235.39.19, relay=nie2.infomail.es [195.235.39.19], reject=570 5.0.0 i'm denying smtp sessions from your system - see also http://hvdkooij.xs4all.nl/email.cms
>Nov 23 12:14:11 ultra1 sendmail[18492]: gANBEB518492: ruleset=check_relay, arg1=nie2.infomail.es, arg2=195.235.39.19, relay=nie2.infomail.es [195.235.39.19], reject=570 5.0.0 i'm denying smtp sessions from your system - see also http://hvdkooij.xs4all.nl/email.cms
>Nov 23 12:27:45 ultra1 sendmail[18724]: gANBRj518724: ruleset=check_relay, arg1=nie2.infomail.es, arg2=195.235.39.19, relay=nie2.infomail.es [195.235.39.19], reject=570 5.0.0 i'm denying smtp sessions from your system - see also http://hvdkooij.xs4all.nl/email.cms
>Nov 23 12:44:06 ultra1 sendmail[19010]: gANBi6519010: ruleset=check_relay, arg1=nie2.infomail.es, arg2=195.235.39.19, relay=nie2.infomail.es [195.235.39.19], reject=570 5.0.0 i'm denying smtp sessions from your system - see also http://hvdkooij.xs4all.nl/email.cms
>
>Could someone verify this?
>
>Hugo.
>
>
>
Try reading the specs yourself :-) and change the error code from 570 to
550. This might work better. See ftp://ftp.isi.edu/in-notes/rfc821.txt
for why.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Next message: Aaron Lewis: "RE: wu-ftpd attack ???"
Previous message: Aaron D. Lewis: "wu-ftpd attack ???"
In reply to: Hugo van der Kooij: "SMTP harrasment by nie2.infomail.es?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]