Hey -= == == I'm just curious what's going on....
I flipped my KVM switch over to my server (for no particular reason), and noticed my eMail server going wild. Somebody is sending mail after mail to my server, to made-up users in my domain. the user names aren't random, they all start with "shethang," for example: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] and on and on. All of the "from" IP's and domains are being spoofed, so I can't blacklist any of it. My server doesn't have a "catchall" email account, so all of these are being bounced. I could understand it if the user names were more random, that they may be trying to figure out 'real" ones (that don't bounce), but this seems to be a very inefficient way to harvest user names. The volume doesn't seem high enough to bring down my server. I don't have an open relay, so I am not being used as a surrogate. I just don't understand what somebody has to gain by flooding my server? Ideas???? Ken _______________________________________________ Post Messages to: ProFox@leafe.com Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
