To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- I ran the IP/hostname pairs John sent along through my generic rDNS patterns database; most of this junk is coming from either known spammer netblocks or legit ISP/ESP mail servers.
Of 714 hosts we skipped, we had patterns for 423 of them, the rest we'd blocked via iptables previously (200 hosts) or had marked as legit mail sources (91 hosts). Of the 327 hosts we hadn't either known about previously, had a pattern for, or had blocked via iptables, we identified another 47 obviously legit mail sources, 74 spammers on static blocks, and 32 that would make decent pattern candidates. If anyone cares about a breakdown in terms of how many of these hosts were sending stock spam vs. the other junk, lemme know. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/ antispam news, solutions for sendmail, exim, postfix: http://enemieslist.com/ _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
