Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Fishing for open relays
From: John Pettitt <jpp () CLOUDVIEW COM>
Date: Tue, 31 Oct 2000 17:42:40 -0600
Anybody else been seeing this?  I've been getting a lot of "relay tests" of
late some look legit (AOL seems to be scanning for open relays) and some
like this one look bogus (why would joymail.com use a pac-bell DSL account?)

John



Date: Tue, 31 Oct 2000 15:35:09 -0800 (PST)
Subject: Postfix SMTP server: errors from
adsl-216-102-218-162.dsl.snfc21.pacbell.net[216.102.218.162]

Transcript of session follows.

 Out: 220 gatekeeper.cloudview.com ESMTP Postfix
 In:  HELO Scanner
 Out: 250 gatekeeper.cloudview.com
 In:  MAIL FROM: abusecheck () joymail com
 Out: 250 Ok
 In:  RCPT TO: mailservers () joymail com
 Out: 554 <mailservers () joymail com>: Recipient address rejected: Relay access
     denied

Session aborted, reason: lost connection



John Pettitt                                     Email: jpp () cloudview com

To the optimist, the glass is half full.
To the pessimist, the glass is half empty.
To the engineer, the glass is twice as big as it needs to be.
To the plumber, any liquid in the glass is potential income.

PGP keys on MIT & pgp.com servers.
Fingerprint: 81B5 446D 3E0E 1CDE 5A45  644A A744 54C4 7886 3658

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]