Fairly rude surprise in logs this AM -- possible DoS attempt?
David Wolfskill
david at catwhisker.org
Tue Jan 20 20:32:14 PST 2004
>Date: Tue, 20 Jan 2004 16:22:40 -0800 (PST)
>From: Alvin Oga <alvin at Mail.Linux-Consulting.com>
>To: "Roy S. Rapoport" <rsr at inorganic.org>
>cc: baylisa at baylisa.org
>Subject: Re: Fairly rude surprise in logs this AM -- possible DoS attempt?
>Sender: owner-baylisa at baylisa.org
>> And they don't advertise their results either.
>thats what makes it all fishy, and that they scan to test for openrelays
I'll point out here that my correspondent, in a portion of his response
which I elided from my message to baylisa@, invited me to make use of
their RBL service. (I thnked him for the offer, and indicated that I'd
research the means by which the list was maintained before making a
decision.)
>> Frankly, one reciprocal test feels like it's OK for me -- if I'm trying to
>> send something through your system, I feel that you have the right to try
>> to send something through mine. Tens of tests are not OK, and preemptive
>> tests are not OK either.
>:-)
>or an excuse after the fact ... after having scanned the victim ( site
>under tests )
>am assuming david did NOT send any email prior to them scanning his
>servers
Actually, it seems that I probably did: I no longer save spam itself,
but I do log some information about it. And what I have logged shows
that I probably sent mail to abuse at zonnet.nl around Sun Jan 18 12:51:36
2004. The message would have been in re: spam vectored via
dslam36-32-59-81.dyndsl.zonnet.nl [81.59.32.36].
Peace,
david
--
David H. Wolfskill david at catwhisker.org
I do not "unsubscribe" from email "services" to which I have not explicitly
subscribed. Rather, I block spammers' access to SMTP servers I control,
and encourage others who are in a position to do so to do likewise.
More information about the Baylisa
mailing list