[OT] HELP!!! mail attack
Rodolfo Alcazar Portillo
rodolfo.alcazar at padep.org.bo
Thu Mar 27 11:33:23 UTC 2008
Am Donnerstag, den 27.03.2008, 07:56 +0900 schrieb John Summerfield:
> Rodolfo Alcazar Portillo wrote:
> > Am Donnerstag, den 27.03.2008, 00:17 +0900 schrieb John Summerfield:
> >> Rodolfo Alcazar Portillo wrote:
> >>> Ok, the problem is that the content is really random... I tried to found
> >>> common words:
> >>> http://www.padep.org.bo/log20080325/log/words4-sort_-_n
> >>> thanks, anyway...
> >> The recipient address I thought was common. Does it not appear in the
> >> headers?
> >
> > Of course. I've already deleted the account yesterday, anyway, which
> > causes a similar effect in terms of bandwidth, but the attempts are so
> That occurred to me after I sent.
>
> > many, that some moments takes 20% of my current bandwidth... My concern
> > are:
>
> Back to munging the lots and figuring out the attacking IP addresses,
> etc as I outlined already.
Already tried, but unsuccessful. rbl running.
http://www.padep.org.bo/log20080325/checks/ips_by_attempt
http://www.padep.org.bo/log20080325/checks/ips_by_network-c
http://www.padep.org.bo/log20080325/checks/ips_by_network-b
http://www.padep.org.bo/log20080325/checks/ips_by_network-a
> > a) we could suffer a new attack with other account.
> > b) i need to restore that account.
> Give the user a new account. When things quieten down, use a alias to
> catch email for the old address.
Yes, the user has already a new account.
Thanks...
--
Rodolfo Alcazar
Responsable red y datos
Deutsche Gesellschaft für
Technische Zusammenarbeit (GTZ) GmbH
Programa de Apoyo a la Gestión Pública Descentralizada y
Lucha Contra La Pobreza - PADEP
Av. Sánchez Lima 2226
La Paz, Bolivia
Tel: +591 22417628 (121)
Fax: +591 22417628 (126)
Web: www.padep.org.bo
Email: rodolfo.alcazar at padep.org.bo
More information about the fedora-list
mailing list