[OT] HELP!!! mail attack
John Summerfield
debian at herakles.homelinux.org
Fri Mar 28 02:22:44 UTC 2008
Rodolfo Alcazar Portillo wrote:
>> Back to munging the lots and figuring out the attacking IP addresses,
>> etc as I outlined already.
>
> Already tried, but unsuccessful. rbl running.
> http://www.padep.org.bo/log20080325/checks/ips_by_attempt
That doesn't look too flash, the 10.x.x.x addresses shouldn't be coming
in from outside your network.
Do not use the headers from the email, just the info in your logs.
Have a look at how logwatch summarises the info for hints.
--
Cheers
John
-- spambait
1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
More information about the users
mailing list