> 17. mar. 2021 kl. 23:46 skrev Michael Peddemors via mailop > <[email protected]>: > > Never get enough chance to look at logs anymore but this one jumped out while > checking something out.. > > 89.248.169.12 -> 587 GeoIP = [GB] PTR = security.criminalip.com > > hehehe.. wonder if we should help them fix their broken bot..
I thought there were more, but at least we have $ doas spamdb | grep 89.248.169 TRAPPED|89.248.169.12|1616119406 $ grep 89.248.169 pop3gropers.txt 89.248.169.12 89.248.169.16 89.248.169.36 It’s more than likely they have more than one netback though, since that whois output (snipped here for brevity) seems very familiar. ENOCOFFEE means no further checks from here at the moment, but yes, they are worthy of LARTing. - Peter — Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
