Re: [SLUG] Does this open relay test look reasonable?

From: Ian C. Blenke (icblenke@nks.net)
Date: Fri Nov 22 2002 - 10:01:26 EST


They also do open HTTP proxy scans.

Anyone notice other regular scan patterns from RR/TimeWarner management nodes?

- Ian

On Friday 22 November 2002 06:29, Greg Schmidt wrote:
> RoadRunner hits my server with this open relay test. It looks extensive,
> but I'm not sure what all of these tests are checking. Other places have
> much shorter tests.
>
> Here it is:
>
> <quote>
>
> Return-Path: <double-bounce@dt2.gschmidt.net>
> Delivered-To: root@gschmidt.net
> Received: by dt2.gschmidt.net (Postfix) via NOTICE
> id C65512AE7D; Fri, 22 Nov 2002 06:15:02 -0500 (EST)
> Date: Fri, 22 Nov 2002 06:15:02 -0500 (EST)
> From: MAILER-DAEMON@dt2.gschmidt.net (Mail Delivery System)
> To: postmaster@gschmidt.net (Postmaster)
> Subject: Postfix SMTP server: errors from
> securityscan.sec.rr.com[24.30.199.228]
> Message-Id: <20021122111502.C65512AE7D@dt2.gschmidt.net>
> Status: R
> X-Status: N
>
>
> Transcript of session follows.
>
> Out: 220 dt2.gschmidt.net ESMTP Postfix (Postfix-20010228-pl03) (Mandrake
> Linux)
> In: HELO security.rr.com
> Out: 250 dt2.gschmidt.net
> In: MAIL FROM:<openrelaytest@localhost>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com>
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com>
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com>
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com>
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@6535161hfc60.tampabay.rr.com>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com>
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<relaytest%security.rr.com@[65.35.161.60]>
> Out: 554 <relaytest%security.rr.com@[65.35.161.60]>: Recipient address
> rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<relaytest%security.rr.com@6535161hfc60.tampabay.rr.com>
> Out: 554 <relaytest%security.rr.com@6535161hfc60.tampabay.rr.com>:
> Recipient
> address rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<"relaytest@security.rr.com">
> Out: 554 <relaytest@security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<"relaytest%security.rr.com">
> Out: 554 <relaytest%security.rr.com>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com@[65.35.161.60]>
> Out: 554 <relaytest@security.rr.com@[65.35.161.60]>: Recipient address
> rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<"relaytest@security.rr.com"@[65.35.161.60]>
> Out: 554 <relaytest@security.rr.com@[65.35.161.60]>: Recipient address
> rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<relaytest@security.rr.com@6535161hfc60.tampabay.rr.com>
> Out: 554 <relaytest@security.rr.com@6535161hfc60.tampabay.rr.com>:
> Recipient
> address rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<@[65.35.161.60]:relaytest@security.rr.com>
> Out: 554 <@[65.35.161.60]:relaytest@security.rr.com>: Recipient address
> rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<@6535161hfc60.tampabay.rr.com:relaytest@security.rr.com>
> Out: 554 <@6535161hfc60.tampabay.rr.com:relaytest@security.rr.com>:
> Recipient
> address rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@>
> Out: 250 Ok
> In: RCPT TO:<relarelaytest@security.rr.com@>
> Out: 554 <relarelaytest@security.rr.com@>: Recipient address rejected:
> Relay
> access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<security.rr.com!relaytest>
> Out: 554 <security.rr.com!relaytest>: Recipient address rejected: Relay
> access
> denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<security.rr.com!relaytest@[65.35.161.60]>
> Out: 554 <security.rr.com!relaytest@[65.35.161.60]>: Recipient address
> rejected: Relay access denied
> In: RSET
> Out: 250 Ok
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<security.rr.com!relaytest@[65.35.161.60]>
> Out: 554 <security.rr.com!relaytest@[65.35.161.60]>: Recipient address
> rejected: Relay access denied
> In: QUIT
> Out: 221 Bye
>
> No message was collected successfully.
>
> </quote>

-- 
- Ian C. Blenke <icblenke@nks.net>

(This message bound by the following: http://www.nks.net/email_disclaimer.html)
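To read a transcript like the one quoted above, it helps to label each RCPT TO probe by the address syntax it exercises and to flag any that did not draw a rejection. The following is an added example, not part of either post: the function names and form labels are assumptions, and the sample is constructed from lines of the quoted transcript with the last reply altered to 250.

```python
import re

# Constructed sample: lines taken from the transcript quoted above; the final
# reply is altered to 250 to show a server that still honours the percent form.
SAMPLE = """\
> In: MAIL FROM:<openrelaytest@[65.35.161.60]>
> Out: 250 Ok
> In: RCPT TO:<@[65.35.161.60]:relaytest@security.rr.com>
> Out: 554 <@[65.35.161.60]:relaytest@security.rr.com>: Recipient address
> rejected: Relay access denied
> In: RCPT TO:<"relaytest%security.rr.com">
> Out: 250 Ok
"""

def classify(rcpt):
    """Name the address syntax a relay probe is exercising."""
    addr = rcpt.replace('"', "")
    tests = [("source-route", addr.startswith("@") and ":" in addr),  # @relay:user@host
             ("bang-path", "!" in addr),                              # host!user
             ("percent-hack", "%" in addr),                           # user%host[@relay]
             ("double-at", addr.count("@") >= 2)]                     # user@host@relay
    form = next((name for name, hit in tests if hit), "plain")
    return form + ("+quoted" if '"' in rcpt else "")

def parse(transcript):
    """Return one record per RCPT TO probe with the server's reply code."""
    lines = []
    for raw in transcript.splitlines():
        line = re.sub(r"^(>\s?)+", "", raw).strip()   # drop mail quote prefixes
        if re.match(r"(In|Out):", line):
            lines.append(line)
        elif line and lines:
            lines[-1] += " " + line                   # rejoin a wrapped reply
    results, sender, rcpt = [], None, None
    for line in lines:
        direction, _, body = line.partition(":")
        m = re.match(r"\s*(MAIL FROM|RCPT TO):<(.*)>$", body)
        if direction == "In":
            rcpt = m.group(2) if m and m.group(1) == "RCPT TO" else None
            sender = m.group(2) if m and m.group(1) == "MAIL FROM" else sender
        elif rcpt is not None:                        # reply to the pending RCPT
            results.append({"from": sender, "rcpt": rcpt,
                            "form": classify(rcpt), "code": int(body.split()[0])})
            rcpt = None
    return results

def accepted(results):
    """Probes answered 2xx: each is a relay path the server still honours."""
    return [r for r in results if 200 <= r["code"] < 300]
```

On the transcript as actually posted, `accepted(parse(...))` is empty: every probe drew a 554.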


