anybody know about vendaregroup.com?
Jeff A. Earickson
jaearick at colby.edu
Thu Feb 8 02:58:08 CET 2007
Gang,
I've noticed over the last couple of weeks that a lot of the outbound
email sitting in my delay queue (ie, the stuff that isn't moving) was
to be returned to vendaregroup.com. I started investigating. The
source addresses varied widely, but the common thread was that when I
did a dig on the domain name, the CNAME always pointed to them, eg:
dig kingofjeans.com
...
;; ANSWER SECTION:
kingofjeans.com. 35815 IN CNAME dpweb.vendaregroup.com.
dpweb.vendaregroup.com. 713 IN A 72.5.175.90
(etc)
I googled on vendare and didn't really find much nefarious info on
them. They just seem to be squatting on lots of domain names.
So... I then added the following to my sendmail access db file:
vendaregroup.com "550 Domain does not exist."
rebuilt my access.db file, and started watching the syslogs.
Whoohoo!! I am rejecting a fair amount of what is obviously spam
right at my MTA, stuff that gets noted as "may be forged" and the
like.
Anybody else notice this? Anybody know anything more about
vendaregroup.com?
Jeff Earickson
Colby College
More information about the MailScanner
mailing list