Hello Stan Hoeppner,
Am 2012-02-25 12:33:26, hacktest Du folgendes herunter:
> That won't stop it all, and may cause FPs. Much better is a
> header regex such as:
>
> /Received: from .*213.251.189.205/
>
> The spam in this campaign is all originating from a [likely compromised]
> OVH server at IP address 213.251.189.205:
>
> Received: from gw5.ovh.net (HELO 240plan.ovh.net) (213.251.189.205)
>
> $ grep -c 213.251.189.205 1-Debian-Users
> 49
Unfortunately OVH is one of the biggest spam sender in Europe appart
from 1&1. Normaly someone schould block the entired network, because
<abuse> is absolutely inactive and give a fuck on complains.
I have already used some script-kiddie scripts to stop some (maybe
hijacked) IP blocks of OVH to send me several million spams. (I was able
to kick-off/crash the spam servers)
You can not even reach OVH by telephone in case of urgence.
> Stan
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>
itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack
Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)
USt-ID: DE 278 049 239
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Attachment:
signature.pgp
Description: Digital signature