Hi Scott, Yes - I've been lurking on this list long enough to know how to switch IMAIL over to "relay for addresses" when I finally installed my own a few weeks ago. :)
>From Sanford -- >Make sure you do adequate bounds-checking if you are >using CDO. There are known ways to overflow it and send >arbitrary message bodies if you don't double-check. Yeah mate - i'm not using CDO AFAIK. I'm using the ASP Mail component. Anyway - I've pulled some info out of my logfiles that illustrate what the spammers are doing. Can you possibly "translate" this for me? - - - - - - - - - - - - - - - - - - - - - - - - - - - - 20020317 124234 127.0.0.1 SMTPD (1D2301D4) [216.139.227.215] connect 64.160.88.66 port 1582 20020317 124234 127.0.0.1 SMTPD (242E0286) [216.139.227.215] connect 64.160.88.66 port 1584 20020317 124234 127.0.0.1 SMTPD (1D2301D4) [64.160.88.66] EHLO pfisrv.primaflora.com 20020317 124234 127.0.0.1 SMTPD (242E0286) [64.160.88.66] EHLO pfisrv.primaflora.com 20020317 124234 127.0.0.1 SMTPD (1D2301D4) [64.160.88.66] MAIL FROM:<[EMAIL PROTECTED]> 20020317 124234 127.0.0.1 SMTPD (242E0286) [64.160.88.66] MAIL FROM:<[EMAIL PROTECTED]> 20020317 124234 127.0.0.1 SMTPD (1D2301D4) [64.160.88.66] RCPT TO:<[EMAIL PROTECTED]> 20020317 124234 127.0.0.1 SMTPD (242E0286) [64.160.88.66] RCPT TO:<[EMAIL PROTECTED]> 20020317 124234 127.0.0.1 SMTPD (1D2301D4) [64.160.88.66] C:\IMail\spool\Dffba1d4.SMD 1582 20020317 124234 127.0.0.1 SMTPD (242E0286) [64.160.88.66] C:\IMail\spool\Dffba286.SMD 1582 20020317 124234 127.0.0.1 SMTP (1988) processing C:\IMail\spool\Qffba1d4.SMD 20020317 124235 127.0.0.1 SMTP (724) processing C:\IMail\spool\Qffba286.SMD 20020317 124235 127.0.0.1 SMTP (724) Trying harvestmarketing.com (0) 20020317 124235 127.0.0.1 SMTP (724) Connect harvestmarketing.com [209.217.36.161:25] (1) 20020317 124235 127.0.0.1 SMTP (1988) Trying ozemail.com.au (0) 20020317 124235 127.0.0.1 SMTP (724) 220 www.netserverz.com ESMTP Sendmail 8.9.3/8.9.3; Mon, 18 Mar 2002 02:36:55 +0800 20020317 124235 127.0.0.1 SMTP (724) >EHLO dell-wprlp767iz 20020317 124235 127.0.0.1 SMTP (724) 250-www.netserverz.com Hello [216.139.227.215], pleased to meet you 20020317 124235 127.0.0.1 SMTP (724) 250-8BITMIME 20020317 124235 127.0.0.1 SMTP (724) 250-SIZE 7340032 20020317 124235 127.0.0.1 SMTP (724) 250-DSN 20020317 124235 127.0.0.1 SMTP (724) 250-ONEX 20020317 124235 127.0.0.1 SMTP (724) 250-XUSR 20020317 124235 127.0.0.1 SMTP (724) 250 HELP 20020317 124235 127.0.0.1 SMTP (724) >MAIL FROM:<[EMAIL PROTECTED]> 20020317 124235 127.0.0.1 SMTP (724) 250 <[EMAIL PROTECTED]>... Sender ok 20020317 124235 127.0.0.1 SMTP (724) >RCPT To:<[EMAIL PROTECTED]> 20020317 124235 127.0.0.1 SMTP (724) 250 <[EMAIL PROTECTED]>... Recipient ok 20020317 124235 127.0.0.1 SMTP (724) >DATA 20020317 124235 127.0.0.1 SMTP (1988) Connect ozemail.com.au [203.2.192.76:25] (1) 20020317 124235 127.0.0.1 SMTP (724) 354 Enter mail, end with "." on a line by itself 20020317 124235 127.0.0.1 SMTP (724) >. 20020317 124235 127.0.0.1 SMTP (724) 250 CAA11526 Message accepted for delivery 20020317 124235 127.0.0.1 SMTP (724) rdeliver harvestmarketing.com [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]> 1582 20020317 124235 127.0.0.1 SMTP (724) >QUIT 20020317 124235 127.0.0.1 SMTP (724) 221 www.netserverz.com closing connection 20020317 124235 127.0.0.1 SMTP (724) finished C:\IMail\spool\Qffba286.SMD status=1 20020317 124235 127.0.0.1 SMTP (1988) 220 mta02.mail.mel.aone.net.au ESMTP server ready Mon, 18 Mar 2002 05:36:59 +1100 20020317 124235 127.0.0.1 SMTP (1988) >EHLO dell-wprlp767iz 20020317 124235 127.0.0.1 SMTP (1988) 250-mta02.mail.mel.aone.net.au 20020317 124235 127.0.0.1 SMTP (1988) 250-HELP 20020317 124235 127.0.0.1 SMTP (1988) 250-XREMOTEQUEUE 20020317 124235 127.0.0.1 SMTP (1988) 250-ETRN 20020317 124235 127.0.0.1 SMTP (1988) 250-PIPELINING 20020317 124235 127.0.0.1 SMTP (1988) 250-DSN 20020317 124235 127.0.0.1 SMTP (1988) 250-8BITMIME 20020317 124235 127.0.0.1 SMTP (1988) 250 SIZE 10485760 20020317 124235 127.0.0.1 SMTP (1988) >MAIL FROM:<[EMAIL PROTECTED]> 20020317 124236 127.0.0.1 SMTP (1988) 250 Sender <[EMAIL PROTECTED]> Ok 20020317 124236 127.0.0.1 SMTP (1988) >RCPT To:<[EMAIL PROTECTED]> 20020317 124236 127.0.0.1 SMTP (1988) 250 Recipient <[EMAIL PROTECTED]> Ok 20020317 124236 127.0.0.1 SMTP (1988) >DATA 20020317 124236 127.0.0.1 SMTP (1988) 354 Ok Send data ending with <CRLF>.<CRLF> 20020317 124236 127.0.0.1 SMTP (1988) >. 20020317 124237 127.0.0.1 SMTP (1988) 250 Message received: 20020317183700.DAKI23662.mta02.mail.mel.aone.net.au@dell-wprlp767iz 20020317 124237 127.0.0.1 SMTP (1988) rdeliver ozemail.com.au [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]> 1582 20020317 124237 127.0.0.1 SMTP (1988) >QUIT - - - - - - - - - - - - - - - - - - - - - - - - - - - - Best regards, Murray. Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
