[IMail Forum] SMTP Exploit Scanning + 8.05 + ASSP 1.2.4

Mon, 30 Oct 2006 02:07:27 -0800

Found in ASSP Logs:

Oct-23-06 11:06:36 87.0.57.8 <> malformed address: '@qo:ÄÿïÿÿD3Ƀé°èÿÿÿÿÀ^v“{½6ƒîüâôoV{{‚BÉl6Z·_6s¯ðÁ3ëzR½Üc6i³zVO67}J}¯?ÿ}B”ºw;’¹V¨/™æž6i·zVPwö½Ìg¼ÝW6¿ÿ_¡WPJfR8½Ów6FÖ6v›%Õ¸ÝuQfl­ÛeõŽû ÎÌ/Bæû°Pʨ+BàÌòXP–µ4Æ¿ÉCd?fÖêÉE(îeÀ(þeÐ(Bæõ¬jõ(4×,ã¼êÉE­gÆ„m^7Ö“ßÄ„keÆ„m^v2;Ä„kfÇ/èÉCèÕÑê½Äal­èÉC×RõÞ[ž×fÊRq¿tù¿qJ}Å9…ÿm9‘¥…8ÐÕDmÈ«Éæ?BàÈ,ïgÂ*×7Â*ègl«Õ›J~sel­×ÉlLBæ,AµWBàÁ„m^cñ¹iÀ„kÉC{½6SSS'

Oct-23-06 11:06:36 87.0.57.8 <> is disconnected


Pere Ginabreda.




-----Mensaje original-----
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]En nombre de Beach Computers
Enviado el: domingo, 29 de octubre de 2006 17:13
Para: Imail_Forum@list.ipswitch.com
Asunto: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW


Thank you!

Doug,
Oct-29-06 07:28:10 210.91.106.44 <> malformed address: '@qo:ÄÿïÿÿDjPYÙîÙt$ô[sŒo²ƒëüâôóæ„ÿçuMðìäÞ+¨ä÷3 [EMAIL PROTECTED]/„û„¸ä³á½¯+£¯ÆM¥¿N„F4ØKšziäí+„Ô„€$9PnY ä;c¨sÓ̽´Ö„Ï_9O€äÂ!äò Ò <A‚ƒâðZ        áiä\€gû€PؐbgG‚N4ܐdPŠÔŽag°ZæmMß䶻ú!8MÙß<á\ß,áLߐbiäwîißæSšä˨K8MÙæãZs¿Ú«!A[Xs¹áZs¿ÚêÅéûXs¹â[Ø:Mß UvJåðZ:MßêÖiä ߆iâV¥£;èæ+;í½¯A¥r-ŸñÎC!‚öW¤' Àñ?yMzȐdTÛ=ã^ݳ^Ý:ãð\ Ö‰¡áðZMð»b„Û“1Ëèd]s¿Úÿkí\s¹Mߌo²SSS'

This is from ASSP with delaying on, everything in test mode.
Still trying to get the server backup, so sorry for the short reply.


<rant>
All I can say at this point is I FULLY regret going with Ipswitch and putting up with all the crap they pull all the time.
It's one thing where an upgrade is optional unless you want features, but a vulnerability left open is simply unacceptable.
If the server stays up long enough so I have time to deal with this on Monday, I'm planning on calling around to different publications and seeing if they will publish anything about this.
</rant>




Dave

 -----------------------------------
|Beach Computers                    |
|Affordable Hosting Solutions       |
|http://www.beachcomp.com           |
 ===================================
|Cheap Domain Warehouse             |
|Get Your Own Dot!                  |
|http://www.cheapdomainwarehouse.com|
 ----------------------------------

------------------------------------
Disclaimer and confidentiality note:

The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential.
If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the
contents of this information is strictly prohibited and may be unlawful.
The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete
it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records
can be corrected.
Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies.
Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike N
Sent: Sunday, October 29, 2006 10:58 AM
To: Imail_Forum@list.ipswitch.com
Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW

Go to the IMail administrator / Services / SMTP / "Edit Kill File".   Enter
[EMAIL PROTECTED] and restart SMTP.  NOTE: This will also block everything matching that pattern - including [EMAIL PROTECTED] (I just made that one up - don't know if it exists), so there MIGHT be side effects.


----- Original Message -----

Is there a way to do a global ban from [EMAIL PROTECTED]
The only way I know is to create a rule for each domain which can be a nightmare.


To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/

NrzórrzÊryҶ…æ1

Reply via email to