-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 04 January 2002 05:59 pm, Rob Saul wrote: > Likely they were testing to see if you had an open relay. > Thats' the 'o' and the 'r' in their name. Every bl place > I've look at has some system for testing for open relays. > This is part of how they generate their list. > > Note, using a bl will reduce, but not eliminate spam. You'll > likely need to set up an additional filtering system. Sendmail > has the Mitler API, and I'm pretty sure both qmail and postfix > have similar mechanisms. > > On Thursday 03 January 2002 05:13, you wrote: > > Patrick Nelson wrote: > > >On Thu, 2002-01-03 at 10:12, Jon Hoffman wrote: > > <snip> > > > This is interesting. Either orbz.org or someone masquerading as > > orbz.org spent 23 minutes on New Years attempting to get my smtp > > server to relay for them. They tried over 100 different combinations > > trying to get something relayed. As far as I can tell from the logs, > > nothing got through. It appears that orbz.org or someone was trying > > to send a bunch of spam through my server.
Yes, it looks as if that is the case. I just checked their site, and verified that they scanned my address on New Years Eve. From their lookup page: (http://orbz.org/sysadmin-grey.php) ORBZ Database Information IP: 24.241.42.144 State: clean Listed in inputs: no Listed in outputs: no (What's the difference between inputs and outputs?) Last Test: 2001-12-31 20:13:26 UTC Last Test Result: all probes refused The last line is interesting. They were unable to actually test my mailserver, because my firewall objected to the bogus TCP flags on the packets. It seems to me that would limit the value of their tests. Dec 31 15:13:26 tuxfan kernel: ipt_unclean: TCP reserved bits not zero Dec 31 15:13:26 TCP: Bogus TCP flags set by sender.orbz.org (205.231.149.53):53956 (dest port 25) - -D - -- pgp key: http://www.tuxfan.homeip.net:8080/pgpkey.txt - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8NlXPeMAUbzJhSVcRAkTdAJ9mDbskAJ3P+U+d1lV96Szs6zf4ygCeOBg2 FzWWkMOhQOZGHIlc32S/GwI= =f+8d -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
