user@domain.com spam?
Ken A
ka at pacific.net
Fri Feb 6 20:18:41 GMT 2009
Max Kipness wrote:
> Today I noticed that all of a sudden email was delayed by quite a bit.
> When I ran my queue script I realized there were over 7k emails waiting
> in the inbound queue. Also when running dmesg, I got:
>
>
>
> possible SYN flooding on port 25. Sending cookies.
>
>
>
> This was printed about 20 times.
>
>
>
> In the maillog, I found tons emails from 'user at domain.com', literally.
>
>
Yep, seeing that one here too.
Thanks for the heads up.
I'm blocking it now with a 550 error.
Ken
>
> I've now entered:
>
>
>
> user at domain.com DISCARD
>
>
>
> in /etc/mail/access
>
>
>
> This seems to be stopping them for now, but I have thousands in the
> incoming still that I guess need to be quarantined as spam yet.
>
>
>
> Has anybody else seen this? Is this an attack of some sort? Each email
> seems to be from a different IP even though they all say they are from
> user at domain.com.
>
>
>
> Max
>
>
>
More information about the MailScanner
mailing list