spamy od unknown usera
Dalibor Toman
dtoman na fortech.cz
Čtvrtek Červenec 12 09:04:10 CEST 2001
>
> Jde mi treba o tento radek:
> Received: from nasserver.cz ([203.168.22.202]) by mo5.hananet.net
>Ta ip adresa ale nase neni. V dalsich spamech byly jine, ale ze
stejne
>C domeny.
proste nejaky postovni klient, ktery zpravu odeslal na mo5.hananet.net
pouzil v HELO/EHLO jmeno Vaseho serveru.
Zajimave je, ze ta IP adresa nejenze nema reverzi ale ani RIPE k ni
nerekne nic rozumneho:
inetnum: 0.0.0.0 - 255.255.255.255
netname: IANA-BLK
descr: The whole IPv4 address space
country: NL
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
remarks: The country is really worldwide.
remarks: This address space is assigned at various other places
in
remarks: the world and might therefore not be in the RIPE
database.
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: RIPE-NCC-HM-MNT
mnt-routes: RIPE-NCC-NONE-MNT
changed: bitbucket na ripe.net 20010529
source: RIPE
> Z relevantnich veci, ktere jsem nasel v maillogu snad jen treba
toto:
> Jul 11 11:31:34 beauty sendmail[8983]: f6B9VXG08983:
<krpff na nasserver.cz>... User unknown
> Jul 11 11:31:34 beauty sendmail[8983]: f6B9VXG08983: from=<>,
size=27764, class=0, nrcpts=0, proto=ESMTP, >daemon=MTA,
relay=[211.58.56.20]
to se jen pokousel dorucit spam primo na Vas server. Pokud Ti spravne
funguje relaying pak je to OK.
D. Toman
Další informace o konferenci Sendmail