-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sunday 13 June 2004 09:49 am, Larry Brown wrote:
> You say you killed forwarding to smtp and pop3 and the netstat looked
> like that afterward? What does your /var/log/maillog look like? If you
> killed the forwarding of those ports, I would kill the forwarding of 80
> as a test and make sure no one can hit your web server. It looks like
> the prevention of the port forwarding didn't take.
Actually, I'm pretty pleased that my DSL line seems to be handling this:
[root@genesis chugga]# cat /var/log/maillog | grep 'mail2' | wc
67210 537808 7303683
That's just through about 6 pm today.
I sent an email with a copy of /var/log/maillog to the offending site today,
along with a politely worded suggestion that they perhaps have an email worm.
Pretty much predictably, the web site,
philanthropyroundtable.org[67.154.207.154], is on a IIS server.
- --
http://cannaday.us (genealogy)
http://organic-earth.com (organic gardening)
Uptimes below for the machines that created / host these sites.
19:00:00 up 15 days, 18:57, 4 users, load average: 0.28, 0.22, 0.14
18:51:00 up 39 days, 2:52, 5 users, load average: 0.00, 0.02, 0.00
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAzQg5Svjcx4uv21sRAioYAJ9PJJ6VOkY0X/pps7afPukfBFWfaQCff+pE
JrOJVGqCcB0wC4D0yxGuGtE=
=U6YX
-----END PGP SIGNATURE-----
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:42:27 EDT