Most of the http and sql scans are viruses I found. in regards to sendmail, use a spam filter using sendmail 8.12 and spamcop or something..
thanks, George Vieira Systems Manager Citadel Computer Systems P/L http://www.citadelcomputer.com.au -----Original Message----- From: Antony Stone [mailto:[EMAIL PROTECTED]] Sent: Monday, 08 July 2002 9:56 AM To: [EMAIL PROTECTED] Subject: Re: hosts.deny On Monday 08 July 2002 12:49 am, Ed Street wrote: > Hello, > > This is most commonly seen in spam mail. I most commonly see it in port scans, and probes for http / sql holes. Spam mail may contain misleading headers (until you get to learn where to stop reading the machine names, and realise that the headers have been rigged from that point on), but they can't disguise the real IP address of the relay machine which fed the mail into the smtp chain... Antony.
