-- Betty McBreen 631-344-5111 Fax 631-344-1334 ----- Original Message ----- From: "Tim Sailer" <sailer@bnl.gov> To: <sysadmin-l@lists.bnl.gov> Sent: Thursday, January 24, 2002 10:45 AM Subject: [SysAdmin-l] SPAM > Folks, > As many of you have noticed, since December, we have seen a huge increase > in the amount of UCE/SPAM being delivered. This happened because the > filtering service we had been using (for free) went to a completely paid > subscription. This morning, I pointed our smtp gateway at the service > frm www.spamhaus.org . From the logs, this is blocking a lot of stuff, > most of the addresses recognisable as the spam sites we have been seeing. > > PLEASE, if legitimate mail starts getting blocked, let me know immediately, > instead of screaming to management about mail being broken. I'm trying > to reach a balance, and sometimes it's a fine line. > > Thanks, > Tim > > Log clips: > > 2002-01-24 10:45:23 recipients refused from s0270.pm0.net [161.58.202.103] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:45:30 recipients refused from user-112u5pp.biz.mindspring.com [66.47.23.57] (RBL relays.osiru > soft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:45:37 recipients refused from [168.234.195.195] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:45:49 recipients refused from s0200.pm0.net [128.121.215.218] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:46:48 recipients refused from [207.190.229.198] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:47:05 recipients refused from pms.nih.gov [128.231.160.111] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:48:13 recipients refused from [207.122.19.68] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:49:06 recipients refused from laoutbound2.jackpot.com [64.70.22.151] (RBL relays.osirusoft.co > m) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:50:14 recipients refused from [204.71.191.179] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:51:42 16TmAA-0007TI-00 rejected from gpxbof.df.unibo.it (mail.cmr.com.cn) [137.204.48.43] <gr > eatex@371.net>: syntax error in 'To' header: "@" or "." expected after "Undisclosed": failing address is: < > Undisclosed Recipients> > Recipients: BELEGGIA@BNL.GOV > P Received: from gpxbof.df.unibo.it ([137.204.48.43] helo=mail.cmr.com.cn) > by smtpgw.bnl.gov with smtp (Exim 3.32 #1 ) > id 16TmAA-0007TI-00 > for <BELEGGIA@BNL.GOV>; Thu, 24 Jan 2002 10:51:42 -0500 > P Received: from mail.cmr.com.cn (211.99.206.199) by GPXBOF with TCP/IP SMTP; > Thu, 24 JAN 02 10:49 WET > P Received: from mx.371.net ([195.202.93.105]) by mail.cmr.com.cn with Microsoft SMTPSVC(5.0.2195.3779); > Thu, 24 Jan 2002 17:51:00 +0800 > I Message-ID: <00006fbd228f$000024f9$00007516@mx.371.net> > T To: <Undisclosed Recipients> > Date: Sat, 02 Feb 2002 16:42:11 -2000 > MIME-Version: 1.0 > Content-Type: text/html; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > * Return-Path: greatex@371.net > X-OriginalArrivalTime: 24 Jan 2002 09:51:02.0367 (UTC) FILETIME=[A21C86F0:01C1A4BC] > F From: <greatex@371.net> > Subject: SLUTTY BITCHES TAKE IT ALL!!12515 > -------------------------------------------------------------------------- ---- > 2002-01-24 10:51:51 recipients refused from exploder7.em5000.net [64.37.114.70] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:51:53 recipients refused from [65.213.155.35] (RBL relays.osirusoft.com) > -------------------------------------------------------------------------- ---- > 2002-01-24 10:53:42 SMTP call from ntdgkl.mint.gov.my (nt_dgkl.mint.gov.my) [202.186.20.2] dropped: too man > y unrecognized commands > -------------------------------------------------------------------------- ---- > > -- > Tim Sailer <sailer@bnl.gov> > Manager, Cyber Security Operations > Brookhaven National Laboratory (631) 344-3001 > > _______________________________________________ > SysAdmin-l mailing list > SysAdmin-l@lists.bnl.gov > http://lists.bnl.gov/mailman/listinfo/sysadmin-l >
This archive was generated by hypermail 2b30 : Thu Jan 24 2002 - 12:18:56 EST