I read my log watch every day for my server PC each time I notice anWell, if it is one of these spare bedroom data center type ISPs that are springing up to send spam mail, your quest may become futile. I write code for an anti-spam mail filtering service provider, and it is a royal pain in the ass to track down these luzers. (assuming this is a spammer probe and not a legitimate mistake some admin might be making) Also, it may be an infected host in that network that has some kind of adware/spyware/spamware daemon probing for extra hops.
attempted unauthorized access I run the IP through whois and then I send
an email to the abuse@ address I see at the bottom of whois report. This morning I found a third attempt to send email through my smtp
server from kornet.net. Is there anyone I can report them to if it
happens again? I've sent them email all three times that they've
attempted to use my server...
-Michael Sullivan-
You may wanna play with them a little bit, give him an open relay and see what follows. (dont walk away from the terminal while you are doing this, I mean, be watching tcpdump in real time) If this is a smapper ISP, just block their network/domain/whatever at your smtp server. (postfix is great for this type of thing)
-cc
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
