OK, who's the idiot using tcwireless.us?
cdl at asgaard.org
Tue Oct 7 22:05:20 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
I agree with Howard here, I don't think this is a mis-configuration,
but a harvest attempt. The "mailserver" is in different messages, and
I can't see how that could get misconfigured in a honest validation
server. My guess is that someone is trolling the archives, and
sending this back? Why, I have no idea, given they already can see
the sending address.
On 07 Oct 2008, at 13.14, Valdis.Kletnieks at vt.edu wrote:
> Somebody on the NANOG mailing list has their mail pointing to
> which is throwing challenge/response mail like the following:
> Your message
> From: Valdis.Kletnieks at vt.edu
> To: n3td3v <xploitable at gmail.com>
> Subject: Re: Fwd: cnn.com - Homeland Security seeks cyber
> counterattack system (
> Einstein 3.0)
> Date: 10/6/2008
> has been just received by gmail.com mailserver.
> To prove that your message was sent by a human and not a computer,
> visit the URL below and type in the alphanumeric text you will see
> in the
> image. You will be asked to do this only once for this recipient.
> Your message will be automatically deleted in a few days if you do not
> confirm this request.
> DO NOT REPLY TO THIS MESSAGE. NO ONE WILL RECEIVE IT.
> Note it says 'gmail.com mailserver'. Paul Ferguson reported to me
> that the one
> he saw said 'received by vt.edu mailserver'. Also note that the
> has lost nanog at nanog.org - for both my note and Paul's (in fact,
> looking at
> Paul's actual posting and mine show nanog at nanog.org as being the
> only common
> link, thus the "must be a nanog subscriber" conclusion).
> Please, if you're going to use a C/R, at least learn how to
> whitelist the
> mailing lists you're on. And if you can't figure out how to do
> that, please
> do us all a favor and not try to run an operational network...
Check my PGP key here:
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the NANOG