Looked up the ip, ran a port scan. It appears to be the mail server for marketingmad.net, which turns out to be a site that provides services to realtors. Of course, it's a windoze box, so it could be compromised, but it looks more like a misconfiguration on their end, or a realtor trying to figure out how to use their mailing list.

You could always try the normal open relay tests out there. I installed one of the scripts i found here: http://www.southcomputers.com/relaytest.php

It takes a minute or two to run, so be patient with it. No idea how good or accurate it is, did not write it:-)

Is it always coming from the same ip address? Maybe block them with your firweall, or iptables?




slamp slamp wrote:

I am flooded with these messages. does it mean my server is open for relay? should i be worried?

tcpserver: ok 32516 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32413
 user invalid "null"
tcpserver: ok 32518 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32414
 user invalid "null"
 user invalid "null"
tcpserver: ok 32521 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32415 tcpserver: ok 32522 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32416 tcpserver: ok 32524 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32417
 user invalid "null"
 user invalid "null"
 user invalid "null"
tcpserver: ok 32527 mail.mydomain.com:192 <http://mail.mydomain.com:192>.168.1.2:25 :75.5.19.70::32418
 user invalid "null"
 user invalid "null"
 user invalid "null"
 user invalid "null"
 user invalid "null"
 user invalid "null"


vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null": 75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null": 75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null": 75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null": 75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70> vchkpw-smtp: invalid user/domain characters "null":75.5.19.70 <http://75.5.19.70>



---------------------------------------------------------------------
    QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to