user@domain.com spam?
Max Kipness
max at assuredata.com
Fri Feb 6 19:45:31 GMT 2009
Today I noticed that all of a sudden email was delayed by quite a bit.
When I ran my queue script I realized there were over 7k emails waiting
in the inbound queue. Also when running dmesg, I got:
possible SYN flooding on port 25. Sending cookies.
This was printed about 20 times.
In the maillog, I found tons emails from 'user at domain.com', literally.
I've now entered:
user at domain.com DISCARD
in /etc/mail/access
This seems to be stopping them for now, but I have thousands in the
incoming still that I guess need to be quarantined as spam yet.
Has anybody else seen this? Is this an attack of some sort? Each email
seems to be from a different IP even though they all say they are from
user at domain.com.
Max
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090206/f37bc203/attachment.html
More information about the MailScanner
mailing list