|
|
[OT] Re: lug-bg: spam
- Subject: [OT] Re: lug-bg: spam
- From: Andrey Andreev <andreev@xxxxxxxxxxxxxx>
- Date: Thu, 12 Aug 2004 12:32:57 +0300
Това си е оффтопик, обаче погледни примерно
http://www.f-secure.com/v-descs/mydoom_m.shtml
Поздрави,
Андро
nikkk wrote:
Привет група ....
Получих няколко притеснителни мейла където като подател е postmaster@xxxxxxxxxxxx
това ми показва лога:
sendmail[6747]: i7C71234DFG747: <user@xxxxxxxxxxxx>... User unknown
sendmail[6747]: i7C71234DFG747: from=<postmaster@xxxxxxxxxxxx>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA,
relay=mail.chuzddomain.bg [211.211.211.83]
И след това ми се изпраща на root :
sendmail[6748]: i7C7674WEDC8: from=<>, size=41418, class=0, nrcpts=1,
msgid=<200408128856.i7C7674WEDC8@xxxxxxxxxxxxxxxxx>, proto=ESMTP, daemon=MTA, relay=mail.chuzddomain.bg [211.211.211.83]
sendmail[6749]: i7C7674WEDC8: to=superuser, delay=00:00:05, xdelay=00:00:04, mailer=local, pri=101674, dsn=2.0.0,
stat=Sent
Това е мейла който получавам:
Return-Path: <>
Received: from chuzddomain.bg (mail.chuzddomain.bg [211.211.211.83])
by mail.moidomain.bg(8.13.1/8.13.1) with ESMTP id i7C7674WEDC8
for <postmaster@xxxxxxxxxxxx>; Thu, 12 Aug 2004 11:56:12 +0300
Message-Id: <200408128856.i7C7674WEDC8@xxxxxxxxxxxxxxxxx>
Received: (qmail 5623 invoked for bounce); 12 Aug 2004 07:15:07 -0000
Date: 12 Aug 2004 07:15:07 -0000
From: MAILER-DAEMON@xxxxxxxxxxxxxx
To: postmaster@xxxxxxxxxxxx
Subject: failure notice
X-AntiVirus: scanned for viruses by AMaViS 0.2.1 (http://amavis.org/)
Status:
Hi. This is the qmail-send program at chuzddomain.bg.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<user@xxxxxxxxxxxx>:
131.131.108.160 does not like recipient.
Remote host said: 550 5.1.1 <user@xxxxxxxxxxxx>... User unknown
Giving up on 131.131.108.160.
--- Below this line is a copy of the message.
Return-Path: <postmaster@xxxxxxxxxxxx>
Received: (qmail 5617 invoked from network); 12 Aug 2004 07:15:06 -0000
Received: from unknown (HELO moidomain.bg) (192.168.10.50)
by 192.168.1.51 with SMTP; 12 Aug 2004 07:15:06 -0000
From: "Mail Delivery Subsystem" <postmaster@xxxxxxxxxxxx>
To: user@xxxxxxxxxxxx
Subject: Hi
Date: Thu, 12 Aug 2004 10:58:53 -0700
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0002_BDAE.BBCD"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
This is a multi-part message in MIME format.
------=_NextPart_000_0002_B4AE0.B3CD
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit
Dear user user@xxxxxxxxxxxx,
We have detected that your email account has been used to send a large amount of spam during the last week.
We suspect that your computer was compromised and now runs a hidden proxy server.
Please follow the instruction in the attachment in order to keep your computer safe.
Virtually yours,
The moidomain.bg team.
------=_NextPart_000_0002_BDA0.B3BBCD
Content-Type: application/octet-stream;
name="document.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="document.zip"
131.131.108.160 - Това е адреса на сървъра ми
Ползвам sendmail v.8.13.1
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|
|
|