Terry Allen <[EMAIL PROTECTED]> wrote: >Hi Darrin, > I wonder if someone has misconfigured a DNS somewhere & your server >is on the receiving end of a mailing list that's hosted by the domain >(macgroup.com). I had that misfortune of my server being accidentally >targetted to have someone point their DNS for a major website at my server >for a couple of hours before they realised their mistake. The logs you sent >to the list might indicate mail consistent with a mailing list.
While it's possible, I don't think that's the problem, given that I see this type of attack about once per month from different places (usually China). Also, how would a single messed up DNS entry cause servers all over the globe to send these messages through my server, and in alphabetical order? It really looks suspicious to me. Am I just being stupid, or do others think this is a spam attack, too? I got to thinking about this, and realized, it probably wouldn't be too hard to have a Code Red like virus that started up an SMTP server on people's machines without them realizing it. I wonder if someone has tried something like that? Of course, you could even just keep a list of open relays and send each message through a different one to be less obvious, too. Are these known techniques? Thanks, Darrin -- Darrin Cardani - [EMAIL PROTECTED] President, Buena Software, Inc. <http://www.buena.com/> Video, Image and Audio Processing Development ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
