[Dshield] Problems with email
Gearry_Judkins at mtvalleyhs.sad43.k12.me.us
Fri Oct 3 19:03:48 GMT 2003
General DShield Discussion List <list at dshield.org> writes:
>Anyone else seeing anything strange with mail servers? Or is it just the
>luck of the draw?
Two days ago I cleaned about 8000 bounced messages all addressed to the
same address at AOL from a users machine. I have some data on it
somewhere but I have not looked into it yet. AFAIK it has not recurred
since I cleaned all the bounces from the mailbox. I guessed that it was a
response to someone this person knew getting sobig and using their address
as the spoof. I have no idea if that is likely or not. I am still behind.
Good news is that I got my linux laptop up and running with shorewall on
it so that I can work on the go. When I have a minute I am going to get
the submissions to dshield up so that this box will submit logs.
On that note, this machine will be mobile and function on various networks
in many locations. Is there anything special I should do in the
submission setup to account for that? I am actually looking forward to
sampleing the logs after having this set up at various client locations
and schools that I work in.
More information about the list