[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: repeated attempts delivering mail to 'unknown user@samedomain'

Florian Weimer wrote:

in the last 3 days, one of our mx domains has been the target of the
following ( the real domainname replaced by DOMAIN.XX ) :

These are just regular spamming attempts.  Nothing to worry about.
it's the network connection part of it that baffles me. we're past the tcp handshaking when smtp is invoked, which means there's a valid connection ( = src and dest exists ) - for me it implies that the spammer(bot) sends from multiple valid ips/networks, and with the ridiculous generated account names, i fail to see the point from the spammers view ( nothing is ever accepted )

expect neither good nor evil.
	- deal with it

Reply to: