This isnt something to discuss on the SURBL list, but it looks like you either have a dictionary attack going on.
I'm sorry. I should clarify on list (though I do appreciate the offer of off-list support)
All of these connections do not seem to proceed past the connection startup phase.
I am very used to dictionary attacks having hosted sites and DNS that bring ire from Spammers (formerly www.spamassassin.org and currently just DNS, an SURBL public nameserver, RelayRegistry.org, anti-SPAM How-To's, etc). This looks like a VERY large distributed Denial of Service attack.
The reason I posted here and I believe it is relevant because it might be against SURBL nameservers and I'm hoping to hear if others are seeing the same issue.
Regards, KAM
Hi!
I'm sorry. I should clarify on list (though I do appreciate the offer of off-list support)
All of these connections do not seem to proceed past the connection startup phase.
I am very used to dictionary attacks having hosted sites and DNS that bring ire from Spammers (formerly www.spamassassin.org and currently just DNS, an SURBL public nameserver, RelayRegistry.org, anti-SPAM How-To's, etc). This looks like a VERY large distributed Denial of Service attack.
he reason I posted here and I believe it is relevant because it might be against SURBL nameservers and I'm hoping to hear if others are seeing the same issue.
We run sereral of the public nameservers, but dont see this behaviour... No space or disk issue on the box itself, just guessing?
Ohw, and before i forget, happy 2005 everyone! :)
Bye, Raymond.
Kevin A. McGrail wrote:
The reason I posted here and I believe it is relevant because it might be against SURBL nameservers and I'm hoping to hear if others are seeing the same issue.
Lots of SMTP connections to your mail server doesn't indicate an attack against the SURBL name servers. I've not seen any major traffic changes in the last week on my NS.
David
Hi!
The reason I posted here and I believe it is relevant because it might be against SURBL nameservers and I'm hoping to hear if others are seeing the same issue.
Lots of SMTP connections to your mail server doesn't indicate an attack against the SURBL name servers. I've not seen any major traffic changes in the last week on my NS.
Unless the mailbox and DNS are one and the same machine ;)
But same as you noticed, no jump in traffic here either. So must be something different.
Bye, Raymond.
-
David Coulson -
Kevin A. McGrail -
Raymond Dijkxhoorn