[KLUG Members] Question about oddball logwatch entries.

Adam Bultman members@kalamazoolinux.org
Mon, 25 Nov 2002 11:15:08 -0500 (EST)

Previous message: [KLUG Members] New on BSware this week.
Next message: [KLUG Members] Question about oddball logwatch entries.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've a friend with an RH 7.2 system on the net.  He's running the standard
RH log reporting stuff, and I've set him up with a firewall.

In his logwatch entries, he's got stuff like this:

Unknown users:
anxiety@<domain> 1 Times
concern@<domain> "
brown@<domain> "
grumpy@<domain> "

And so on.

Now, I have another friend that was recently reprimanded for running an
open relay on his cable modem, so I'm wondering, is someone testing his
connection for users and to see if they can send SPAM?  I found some of
the entries in the maillog, so it appears it is at the very least going
through sendmail. However, I've never seen this before.

Anyone seen this before?  I assume it's a SPAMmer looking for another
unsuspecting host.  But at the very least, he's not an open relay, and
he's been denying such people of service.

Adam




-- 
adamb@glaven.org
[ www.glaven.org ]

Previous message: [KLUG Members] New on BSware this week.
Next message: [KLUG Members] Question about oddball logwatch entries.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]