Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Netsys Mailman Probes due to Illegal Attachments
From: James Tucker <jftucker () gmail com>
Date: Tue, 28 Dec 2004 09:37:41 -0400

Everyone else on gmail and with other good MTA filters getting these?

Thought it is interesting to note that so many (other people's)
addresses are being sent out in the probe...

  ----- The following addresses had permanent fatal errors -----
<scz () nsfocus com>
   (reason: 550 Error: Message content rejected)
<administrator () maginetworks com>
   (reason: 550 5.0.0 your mail contains a virus)
<osnews () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<martin.burton () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<infolist () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<dogobrazil () spymac com>
   (reason: 550 Blacklisted file extension detected)
<gskouby () sitesnow com>
   (reason: 550 Blacklisted file extension detected)
<jneedle () redhat com>
   (reason: 554 5.7.1 Rejecting because of virus Worm.Bagle.Z)
<formatez () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<jmaier () ahlmann com>
   (reason: 550 Error: attachment type not allowed)
<gzhanyz () 21cn com>
   (reason: 553 Mail data refused by AISP, rule [2640375].)
<qixianqin () 126 com>
   (reason: 550 CoremailSys:Your message was blocked by NetEase
AntiSpam+...(T0E8Jxjr0EEysqOM.1.C.12921))
<marcano () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<radicand () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<shonkyholdings () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<greg.bur () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<core10 () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<n00blette () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<f.caccavella () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<screenster () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<amathews () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<jftucker () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<bartuso () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<has207 () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<grantmc () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<scott.sargent () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<michael.hale () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<wolvie () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<cren888 () gmail com>
   (reason: 552 5.7.0 Illegal Attachment)
<chance () dreamscope com>
   (reason: 550 Error: Files attached to emails that contain or end in
.scr are prohibited on this server as they may contain viruses.)

  ----- Transcript of session follows -----
... while talking to 211.152.8.69.:
DATA
<<< 550 Error: Message content rejected
554 5.0.0 Service unavailable
... while talking to mailin.webmailer.de.:
DATA
<<< 550 5.0.0 your mail contains a virus
554 5.0.0 Service unavailable
<mweber () hitwin com>... Deferred: Connection timed out with mail.hadag.com.
... while talking to gsmtp171.google.com.:
DATA
<<< 552 5.7.0 Illegal Attachment
554 5.0.0 Service unavailable
... while talking to mail-in2.spymac.net.:
DATA
<<< 550 Blacklisted file extension detected
554 5.0.0 Service unavailable
... while talking to mail.sitesnow.com.:
DATA
<<< 550 Blacklisted file extension detected
554 5.0.0 Service unavailable
... while talking to mx1.redhat.com.:
DATA
<<< 554 5.7.1 Rejecting because of virus Worm.Bagle.Z
554 5.0.0 Service unavailable
... while talking to gsmtp171.google.com.:
DATA
<<< 552 5.7.0 Illegal Attachment
554 5.0.0 Service unavailable
... while talking to mail.ahlmann.com.:
DATA
<<< 550 Error: attachment type not allowed
554 5.0.0 Service unavailable
... while talking to mta2.21cn.com.:
DATA
<<< 553 Mail data refused by AISP, rule [2640375].
554 5.0.0 Service unavailable
... while talking to mx.mail.126.com.:
DATA
<<< 550 CoremailSys:Your message was blocked by NetEase
AntiSpam+...(T0E8Jxjr0EEysqOM.1.C.12921)
554 5.0.0 Service unavailable
... while talking to gsmtp171.google.com.:
DATA
<<< 552 5.7.0 Illegal Attachment
554 5.0.0 Service unavailable
... while talking to mail.dreamscope.com.:
DATA
<<< 550 Error: Files attached to emails that contain or end in .scr
are prohibited on this server as they may contain viruses.
554 5.0.0 Service unavailable


Final-Recipient: RFC822; scz () nsfocus com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; 211.152.8.69
Diagnostic-Code: SMTP; 550 Error: Message content rejected
Last-Attempt-Date: Tue, 28 Dec 2004 00:04:01 -0500 (EST)

Final-Recipient: RFC822; administrator () maginetworks com
Action: failed
Status: 5.0.0
Remote-MTA: DNS; mailin.webmailer.de
Diagnostic-Code: SMTP; 550 5.0.0 your mail contains a virus
Last-Attempt-Date: Tue, 28 Dec 2004 00:04:42 -0500 (EST)

Final-Recipient: RFC822; osnews () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:05:31 -0500 (EST)

Final-Recipient: RFC822; martin.burton () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:05:31 -0500 (EST)

Final-Recipient: RFC822; infolist () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:05:31 -0500 (EST)

Final-Recipient: RFC822; dogobrazil () spymac com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; mail-in2.spymac.net
Diagnostic-Code: SMTP; 550 Blacklisted file extension detected
Last-Attempt-Date: Tue, 28 Dec 2004 00:07:06 -0500 (EST)

Final-Recipient: RFC822; gskouby () sitesnow com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; mail.sitesnow.com
Diagnostic-Code: SMTP; 550 Blacklisted file extension detected
Last-Attempt-Date: Tue, 28 Dec 2004 00:08:56 -0500 (EST)

Final-Recipient: RFC822; jneedle () redhat com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; mx1.redhat.com
Diagnostic-Code: SMTP; 554 5.7.1 Rejecting because of virus Worm.Bagle.Z
Last-Attempt-Date: Tue, 28 Dec 2004 00:09:43 -0500 (EST)

Final-Recipient: RFC822; formatez () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:09:46 -0500 (EST)

Final-Recipient: RFC822; jmaier () ahlmann com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; mail.ahlmann.com
Diagnostic-Code: SMTP; 550 Error: attachment type not allowed
Last-Attempt-Date: Tue, 28 Dec 2004 00:10:55 -0500 (EST)

Final-Recipient: RFC822; gzhanyz () 21cn com
Action: failed
Status: 5.1.0
Remote-MTA: DNS; mta2.21cn.com
Diagnostic-Code: SMTP; 553 Mail data refused by AISP, rule [2640375].
Last-Attempt-Date: Tue, 28 Dec 2004 00:11:42 -0500 (EST)

Final-Recipient: RFC822; qixianqin () 126 com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; mx.mail.126.com
Diagnostic-Code: SMTP; 550 CoremailSys:Your message was blocked by NetEase
       AntiSpam+...(T0E8Jxjr0EEysqOM.1.C.12921)
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:04 -0500 (EST)

Final-Recipient: RFC822; marcano () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; radicand () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; shonkyholdings () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; greg.bur () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; core10 () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; n00blette () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; f.caccavella () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; screenster () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; amathews () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; jftucker () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; bartuso () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; has207 () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; grantmc () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; scott.sargent () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; michael.hale () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; wolvie () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; cren888 () gmail com
Action: failed
Status: 5.7.0
Remote-MTA: DNS; gsmtp171.google.com
Diagnostic-Code: SMTP; 552 5.7.0 Illegal Attachment
Last-Attempt-Date: Tue, 28 Dec 2004 00:12:16 -0500 (EST)

Final-Recipient: RFC822; chance () dreamscope com
Action: failed
Status: 5.2.0
Remote-MTA: DNS; mail.dreamscope.com
Diagnostic-Code: SMTP;
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
  • Netsys Mailman Probes due to Illegal Attachments James Tucker (Dec 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault