Reindl Harald <h.rei...@thelounge.net> writes: > forget the big ones - just filter them out and look at the small ones > where PTR/Sender is from the same domain, connect it to your destination > domains which are easily to find out and voila you have > comapny-to-company relations by looking at the business > > a nice start for targeted phishings in the wrong hands
I think I understand what you mean: group the IP by type of business (through a PRT or a whois), find a valid username in both places and send some phising. This is mde even mor ecomplicated by the fact there is no message count, only a list of IP, so you can only guess how many messages may have been received from a given source (if I omit the IP of my own domain) what I can see s a large number of IT mailing lists and some .jp (probably spam though); it's not easy to make a business model from that. While possible, it seems a very complicated scenario for a very small amount of data (how many people will send some log?). It's faster to Google all the universities of Thailand, find valid usernames and send the phisihing: more data, easier to reproduce/scale up/port to other domains of activity. Olivier