We've noticed an increase of email scans from AWS IP addresses, they seem to be testing for variations of the same email:
ec2-18-215-245-250.compute-1.amazonaws.com[18.215.245.250]: 550 5.1.1 <foo-bar@domain> ec2-18-215-245-250.compute-1.amazonaws.com[18.215.245.250]: 550 5.1.1 <foobar@domain> ec2-18-215-245-250.compute-1.amazonaws.com[18.215.245.250]: 550 5.1.1 <foo@domain> ec2-18-215-245-250.compute-1.amazonaws.com[18.215.245.250]: 550 5.1.1 <fb@domain> ec2-34-207-218-228.compute-1.amazonaws.com[34.207.218.228]: 550 5.1.1 <foo.bar@domain> ec2-34-207-218-228.compute-1.amazonaws.com[34.207.218.228]: 550 5.1.1 <foo_bar@domain> ec2-34-207-218-228.compute-1.amazonaws.com[34.207.218.228]: 550 5.1.1 <foo.b@domain> ec2-54-145-213-229.compute-1.amazonaws.com[54.145.213.229]: 550 5.1.1 <bar@domain> ec2-54-145-213-229.compute-1.amazonaws.com[54.145.213.229]: 550 5.1.1 <f-b@domain> ec2-54-145-213-229.compute-1.amazonaws.com[54.145.213.229]: 550 5.1.1 <bar-foo@domain> Anyone seen this before? _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
