"RelayFinder" Anyone else seen this? (erols, fnord, oneill may be interested)

• Previous message (by thread): "RelayFinder" Anyone else seen this? (erols, fnord, oneill may be interested)
• Next message (by thread): "RelayFinder" Anyone else seen this? (erols, fnord, oneill may be interested)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I was hit at bpisles.liii.com, by autumn.news.erols.com, my host is in no
way an SMTP server, and actually isn't even running an SMTP.

Jun 23 02:54:15 bpisles tcplog: smtp connection attempt from 
autumn.news.erols.com

On Wed, 24 Jun 1998, Dan Foster wrote:

> Hot Diggety! On a bright and sunny day, Ryan K. Brooks was rumored to have said...
> > Had a new box on the net for all of two hours, and this pops up on in my
> > maillog:
> > 
> > Jun 22 22:18:41 x sendmail[509]: WAA00509: SYSERR: putoutmsg
> > (autumn.news.erols.com): error on output channel sending "250
> > delay=00:01:16, xdelay=00:01:16, mailer=esmtp, relay=luser.oneill.net.
> > [207.96.89.34], stat=Deferred: Operation timed out with
> > luser.oneill.net.
> 
> Don't know what intentions were, but news.erols.com and oneill.net leads
> me to believe you probably want to contact Clayton O'Neill at
> coneill at erols.com.
> 
> Was hit by that, too...the host was id'ed as hmm.colo.erols.net as
> well as luser.oneill.net. Not too wild about it -- I figure SMTP hosts
> identified by DNS is fair game, but generally regard any other questionable
> access as potential abuse cases.
> 
> hmm.colo.erols.net doesn't exist in the DNS, so I'm not sure offhand whether
> this was spoofed or not.
> 
> Clayton, you know anything about this?
> 
> -Dan
> 
> 

-Brian Pavane
-LIII Support Staff

• Previous message (by thread): "RelayFinder" Anyone else seen this? (erols, fnord, oneill may be interested)
• Next message (by thread): "RelayFinder" Anyone else seen this? (erols, fnord, oneill may be interested)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]