We are seeing a ton of these relay attempts as well. They all are coming from [email protected][email protected]
Looks like theres a new spam bot out there – not sure if its script kiddies… | Wordbooker.
written by admin
\\ tags: attempts, bot, relay, spam, [email protected]
This particular scanner always greet with “EHLO 192.168.2.33”. Use these rules to stop them:
iptables -t raw -A PREROUTING -i eth+ -p tcp –dport 25 -m string –string “192.168.2.33” –algo bm -m recent –set –name SBOT
iptables -I INPUT -i eth+ -p tcp –dports 25 -m recent –rcheck –name SBOT -j REJECT –reject-with tcp-reset
Mail (will not be published) (required)
Notify me of follow-up comments by email.
Notify me of new posts by email.