[brlug-general] is google really spamming?

Edmund Cramp eac at motion-labs.com
Thu Feb 28 13:47:00 CST 2008 

See this link - http://www.theregister.co.uk/2008/02/25/gmail_captcha_crack/ 

> -----Original Message-----
> From: general-bounces at brlug.net 
> [mailto:general-bounces at brlug.net] On Behalf Of Alvaro Zuniga
> Sent: Thursday, February 28, 2008 11:45 AM
> To: general at brlug.net
> Subject: [brlug-general] is google really spamming?
> 
> Nice! A box was under an apparent DNS attack. Here is a tiny 
> sample of what was found.
> 
> Feb 27 15:05:39 interceptor3 postfix-rx/smtpd[5192]: timeout 
> after END-OF-MESSAGE from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:05:39 interceptor3 postfix-rx/smtpd[5192]: 
> disconnect from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:07:36 interceptor3 postfix-rx/smtpd[6839]: connect 
> from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:07:39 interceptor3 postfix-rx/smtpd[6839]: NOQUEUE: 
> discard: RCPT from py-out-1112.google.com[64.233.166.179]: 
> <-thompe at removed.com <mailto:-thompe at removed.com>>: 
> Receipient Address rxx-002-d17; from=<> 
> to=<-thompe at removed.com <mailto:-thompe at removed.com>> 
> proto=ESMTP helo=<py-out-1112.google.com> Feb 27 15:07:39 
> interceptor3 postfix-rx/smtpd[6839]: E948CE4746: 
> client=py-out-1112.google.com[64.233.166.179]
> Feb 27 15:07:52 interceptor3 postfix-rx/smtpd[6839]: timeout 
> after END-OF-MESSAGE from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:07:52 interceptor3 postfix-rx/smtpd[6839]: 
> disconnect from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:35:46 interceptor3 postfix-rx/smtpd[6889]: connect 
> from py-out-1112.google.com[64.233.166.179]
> Feb 27 15:35:46 interceptor3 postfix-rx/smtpd[6889]: NOQUEUE: 
> discard: RCPT from py-out-1112.google.com[64.233.166.179]: 
> <_gasca at removed.com <mailto:_gasca at removed.com>>: Receipient 
> Address rlx-102-d22; from=<> to=<_gasca at removed.com 
> <mailto:_gasca at removed.com>> proto=ESMTP 
> helo=<py-out-1112.google.com> Feb 27 15:35:46 interceptor3 
> postfix-rx/smtpd[6889]: 9EC4DE46C2: 
> client=py-out-1112.google.com[64.233.166.179]
> Feb 27 15:35:56 interceptor3 postfix-rx/smtpd[6889]: NOQUEUE: 
> discard: RCPT from py-out-1112.google.com[64.233.166.179]: 
> <-thompe at removed.com <mailto:-thompe at removed.com>>: 
> Receipient Address rzx-801-d1h; from=<> to=<-thompe at removed.com
> 
> There are about 2K rejections an hour from google alone. 
> Already looked into DNS posioning. Mailer daemons due to 
> domain spoofing hopefully is the reason. Does anyone know 
> anything about this?
> 
> Alvaro Zuniga
> 
> _______________________________________________
> General mailing list
> General at brlug.net
> http://mail.brlug.net/mailman/listinfo/general_brlug.net
>

More information about the General mailing list