62.219.120.133 AKA bzq-120-133.red.bezeqint.net AKA: telnet bzq-120-133.red.bezeqint.net 25 Trying 62.219.120.133... Connected to bzq-120-133.red.bezeqint.net. Escape character is '^]'. 220 codedump.dyn.ee ESMTP Postfix ehlo chthonic.com 250-codedump.dyn.ee
The machine (or a machine) at that IP has just recently started a spam run forging my [EMAIL PROTECTED] address; I think the trojan obtained it is via this list because: From: [EMAIL PROTECTED] Is the forged From: in a sample; additionally, the individual seems to be running Postfix. It indicates a modicum of clue; however, the individual is also: 5.0 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy 1.1 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server Wonderful. He's cracked, I guess. Anyway, if anyone knows who codedump.dyn.ee is, I'd appreciate a pointer so that I can pok^H^Halert him. Normally, I'd not bother the list with this; but as I say, my email address is the envelope-from in the run. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"