[CentOS] pop3 attack
jep at obrien-pifer.com
Sat Mar 14 15:42:58 UTC 2009
> I use zen.spamhaus.org on my server, so you're welcome to send a test
> message directly to me off list and see if it bounces or not (you will
> get greylisted first for 60 seconds)
Sent a test message. Here's what's in maillog:
Mar 14 11:00:28 mailserver sendmail: n2EF0LTt025094: to=<ned at unixmail.co.uk>, ctladdr=<jep at obrien-pifer.com> (503/503), delay=00:00:07, xdelay=00:00:03, mailer=relay, pri=120391, relay=smtp-server.carolina.rr.com. [220.127.116.11], dsn=2.0.0, stat=Sent (Message received: 20090314134107.MZQS7442.cdptpa-omta01.mail.rr.com at mailserver.obrien-pifer.com)
Been several minutes and no bounce. Guess that's a good thing.
> It shouldn't if everything is configured correctly. As I said above, to
> me it looks more like the receiving server is misconfigured. That might
> be intentional, who knows, but they will get FPs as a result from anyone
> like yourself who correctly relays mail through their ISP.
That would stink, but appears to be the case.
More information about the CentOS