[Dshield] SPAM email using my smtp server host name
Johannes B. Ullrich
jullrich at sans.org
Thu Dec 4 20:15:42 GMT 2003
If a spammer connects directly to your mail server, they can send
messages without specifying the domain. The mail server will just add a
default domain (usually the host name) to this userid provided by the
Depending on your mail server, it may be possible to just drop these
messages. In particular if this is just a mail relay and you don't get
any local mail from this particular system (but that can be dealt with
On Thu, 2003-12-04 at 13:54, Dshield Contributor wrote:
> I would like to add my request for the same help on this one.
> Anyone know?
> Kane Wong wrote:
> "Recently, I found some spam email which is using the host name of my
> smtp server as the recipient (To:) address. Do your guy know how the
> spammer find my host name as their destination email address?"
> "For example; if my host name is called smtp.abc.com, then they would
> put xxxxx at smtp.abc.com in the To: field and target to my own mailbox."
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 786 1563
fax: (617) 786 1550 jullrich at sans.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20031204/38aa1f81/attachment.bin
More information about the list