Maybe they have a script that can email through a gmail account? -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ Alvaro Zuniga wrote: > Nice! A box was under an apparent DNS attack. Here is a tiny sample of what > was found. > > Feb 27 15:05:39 interceptor3 postfix-rx/smtpd[5192]: timeout after > END-OF-MESSAGE from py-out-1112.google.com[64.233.166.179] > Feb 27 15:05:39 interceptor3 postfix-rx/smtpd[5192]: disconnect from > py-out-1112.google.com[64.233.166.179] > Feb 27 15:07:36 interceptor3 postfix-rx/smtpd[6839]: connect from > py-out-1112.google.com[64.233.166.179] > Feb 27 15:07:39 interceptor3 postfix-rx/smtpd[6839]: NOQUEUE: discard: RCPT > from py-out-1112.google.com[64.233.166.179]: <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>: Receipient Address rxx-002-d17; from=<> > to=<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> proto=ESMTP > helo=<py-out-1112.google.com> > Feb 27 15:07:39 interceptor3 postfix-rx/smtpd[6839]: E948CE4746: > client=py-out-1112.google.com[64.233.166.179] > Feb 27 15:07:52 interceptor3 postfix-rx/smtpd[6839]: timeout after > END-OF-MESSAGE from py-out-1112.google.com[64.233.166.179] > Feb 27 15:07:52 interceptor3 postfix-rx/smtpd[6839]: disconnect from > py-out-1112.google.com[64.233.166.179] > Feb 27 15:35:46 interceptor3 postfix-rx/smtpd[6889]: connect from > py-out-1112.google.com[64.233.166.179] > Feb 27 15:35:46 interceptor3 postfix-rx/smtpd[6889]: NOQUEUE: discard: RCPT > from py-out-1112.google.com[64.233.166.179]: <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>: Receipient Address rlx-102-d22; from=<> > to=<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> proto=ESMTP > helo=<py-out-1112.google.com> Feb 27 15:35:46 interceptor3 > postfix-rx/smtpd[6889]: 9EC4DE46C2: > client=py-out-1112.google.com[64.233.166.179] > Feb 27 15:35:56 interceptor3 postfix-rx/smtpd[6889]: NOQUEUE: discard: RCPT > from py-out-1112.google.com[64.233.166.179]: <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>: Receipient Address rzx-801-d1h; from=<> > to=<[EMAIL PROTECTED] > > There are about 2K rejections an hour from google alone. Already looked into > DNS posioning. Mailer daemons due to domain spoofing hopefully is the reason. > Does anyone know anything about this? > > Alvaro Zuniga > > _______________________________________________ > General mailing list > [email protected] > http://mail.brlug.net/mailman/listinfo/general_brlug.net _______________________________________________ General mailing list [email protected] http://mail.brlug.net/mailman/listinfo/general_brlug.net
