RE: [Mimedefang] Spammer zombie group behaviour

2004-04-23 Thread Paul Murphy
> I'm just experimenting with adding greylisting, and doing it after the RCPT TO. I'm curious as to why Groupwise makes that a problem. See http://lists.roaringpenguin.com/pipermail/mimedefang/2004-January/019541.html Also, note that Groupwise has had several security problems in its SMTP modu

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-23 Thread Jim Hatfield
On Thu, 22 Apr 2004 19:57:54 +0100, in local.mimedefang you wrote: > is now being transmitted multiple times. That wouldn't be a problem with greylisting after the RCPT TO command, but too many folks use nasty Novell Groupwise for me to get away with that. I'm just experimenting with adding g

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread David F. Skoll
On Thu, 22 Apr 2004, Sevo Stille wrote: > This doesn't necessarily imply coordination. There's definitely coordination. The attempts come in one after the other, with no overlap -- if you look in my mail log, you'll see that the delivery attempts are nicely serialized. Machine 1 tries, fails.

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread Chris Myers
- Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 22, 2004 5:19 PM Subject: RE: [Mimedefang] Spammer zombie group behaviour > > From: Chris Myers [mailto:[EMAIL PROTECTED] > > > > There are groups o

RE: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread Matthew . van . Eerde
> From: Chris Myers [mailto:[EMAIL PROTECTED] > > There are groups of spam zombie systems THAT ARE COMMUNICATING WITH EACH OTHER to retry failed deliveries. If System A fails to deliver the message, then System B tries, and then System C tries, and so on. Indeed. If this were in

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread Sevo Stille
David F. Skoll wrote: One more followup: We have dramatic evidence of coordination. Please see, for example: http://www.roaringpenguin.com/canit/reports.php?what=hit-n-run-dom&domain=t-online.de Log in as "demo" with password "demo" You can see clusters of machines with each cluster comprising a

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread Joseph Brennan
--On Thursday, April 22, 2004 1:57 PM -0500 Chris Myers <[EMAIL PROTECTED]> wrote: I don't have a way to get my hands on one of the compromised systems, so I don't know how they're communicating (I can speculate of course...), but it seems pretty clear to me that they ARE communicating. We ha

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread David F. Skoll
One more followup: We have dramatic evidence of coordination. Please see, for example: http://www.roaringpenguin.com/canit/reports.php?what=hit-n-run-dom&domain=t-online.de Log in as "demo" with password "demo" You can see clusters of machines with each cluster comprising a spam attack. The la

Re: [Mimedefang] Spammer zombie group behaviour

2004-04-22 Thread David F. Skoll
On Thu, 22 Apr 2004, Chris Myers wrote: > There are groups of spam zombie systems THAT ARE COMMUNICATING WITH EACH OTHER to retry failed deliveries. If System A fails to deliver the message, then System B tries, and then System C tries, and so on. I have observed this behav