Re: SMTP flood + spamdb

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Peter N. M. Hansteen

Date: Tuesday, September 25, 2007 - 1:50 am

Craig Skinner <craig.skinner@kepax.co.uk> writes:

quoted text> malware, so they will quickly bypass spamd. Spamd greytraps will help
> a great deal, but you say that the addresses are random.

I think what happened here is that somebody let the random address
generator run for longer than intended.  

One or more spammer groups has been doing similar things to some of
the domains I admin for some months now, and the typical rate of new,
essentially random, addresses found per day is about 20, sometimes as
high as 50, and in one case more than 700.  That last one was probably
a case of asleep at the wheel too.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 3:33 pm)

Re: SMTP flood + spamdb, Darrin Chandler, (Sun Sep 23, 5:39 pm)

Re: SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 8:53 pm)

Re: SMTP flood + spamdb, Daniel Ouellet, (Sun Sep 23, 8:58 pm)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Sun Sep 23, 10:34 pm)

Re: SMTP flood + spamdb, Stuart Henderson, (Mon Sep 24, 3:47 am)

Re: SMTP flood + spamdb, patrick keshishian, (Mon Sep 24, 8:01 pm)

Re: SMTP flood + spamdb, patrick keshishian, (Tue Sep 25, 12:08 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 12:38 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 1:38 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 1:50 am)

Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 2:29 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 3:36 am)

Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 3:56 am)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 4:00 am)

Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 4:14 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 4:22 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 4:30 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 4:40 am)

Re: SMTP flood + spamdb, Chris Smith, (Tue Sep 25, 7:51 am)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 4:04 pm)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 4:17 pm)

Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 5:16 pm)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 9:25 pm)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 12:50 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 1:00 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 1:46 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 4:18 am)

Re: SMTP flood + spamdb, Damien Miller, (Wed Sep 26, 5:45 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 6:27 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 6:41 am)

Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 6:51 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 7:02 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 7:22 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 7:29 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 7:38 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 7:48 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 7:54 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 8:01 am)

Re: SMTP flood + spamdb, Dave Anderson, (Wed Sep 26, 8:03 am)

Re: SMTP flood + spamdb, Stuart Henderson, (Wed Sep 26, 8:23 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 8:26 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 8:59 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 9:06 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:05 am)

Re: SMTP flood + spamdb, Bob Beck, (Wed Sep 26, 10:22 am)

Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 10:48 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 11:13 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 11:16 am)

Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 2:03 pm)

Re: SMTP flood + spamdb, Hannah Schroeter, (Wed Sep 26, 2:33 pm)

Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 2:51 pm)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 3:17 pm)

Re: SMTP flood + spamdb, RW, (Wed Sep 26, 3:21 pm)

Re: SMTP flood + spamdb, Eric Johnson, (Thu Sep 27, 2:45 am)

Re: SMTP flood + spamdb, Juan Miscaro, (Thu Sep 27, 9:36 am)

Re: SMTP flood + spamdb, Bob Beck, (Thu Sep 27, 10:50 am)

Re: SMTP flood + spamdb, Kurt Mosiejczuk, (Thu Sep 27, 11:04 am)


linux-kernel:
monstr	[PATCH 46/56] microblaze_v2: headers files entry.h current.h mman.h registers.h se...
Jan Engelhardt	Re: Linux Security Module Framework (Was: LSM conversion to static interface)
Dave Jones	Re: Why do so many machines need "noapic"?
Michael Moore	Re: underage models, pre teen models, lolita porn, young preteens, little lolitas
Lars-Peter Clausen	[PATCH v4] MMC: Add JZ4740 mmc driver
git:
Andy Parkins	git-fetch fails with error code 128
Eli Zaretskii	Re: Switching from CVS to GIT
Jan Harkes	Re: git-svn and huge data and modifying the git-svn-HEAD branch directly
Dan Chokola	Re: how do you "force a pull"?
Johan Herland	Re: Comment on weak refs
git-commits-head:
Linux Kernel Mailing List	No need to do lock_super() for exclusion in generic_shutdown_super()
Linux Kernel Mailing List	x86, msr: Export the register-setting MSR functions via /dev/*/msr
Linux Kernel Mailing List	MIPS: SMTC: Fix lockup in smtc_distribute_timer
Linux Kernel Mailing List	Input: gpio-keys - add support for disabling gpios through sysfs
Linux Kernel Mailing List	sh-sci: update receive error handling for muxed irqs
linux-netdev:
Patrick McHardy	Re: no reassembly for outgoing packets on RAW socket
Ilpo Järvinen	net-next/unix: BUG: using smp_processor_id() in preemptible
Herbert Xu	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Evgeniy Polyakov	Re: virt-manager broken by bind(0) in net-next.
Eric Dumazet	Re: [PATCH] conntrack: use SLAB_DESTROY_BY_RCU for nf_conn structs
openbsd-misc:
elitdostlar	Seks partneri arayan bayanlar bu adreste - 8878xs706x6438
Marcus Andree	Re: This is what Linus Torvalds calls openBSD crowd
Lars D. Noodén	Re: sshd.config and AllowUsers
Henning Brauer	Re: Sun Blade 1000?
Laurens Vets	Re: OT: opinions on IDS / IPS solutions