|
Posted by YorS on February 24, 2006, 3:54 pm
If you were Registered and logged in, you could reply and use other advanced thread options
A little while ago we scraped one of our Domain names from our Exchange 2000
machine, changed all the DNS settings etc. If you do a check (i.e.
www.dnsstuff.com) our server/IP is no where to be found.
But I still get emails to that Domain name being handed to our server. It of
course response that it is not allowed to relay. And it seems to be at the
same times everyday (3:30 to 5:30pm) as well as the same To and FROM
addresses (all dif) and subject line (oh also note they are dated as Dec
2005) and they are all Viruses.
I have run a port sniffer and tracked down some IPs and added them to the
Blocked List, But still the next day again they strike.
I know that sender info is bogus and that they can/will change their
relaying IPs all the time. I assume they are sending to my IP rather then to
the defunct Domain Name.
Could anyone help me to understand this and maybe give an idea how to combat
it?
--
Thanks for your Time.
Remove the kNOT to reply.
But it is best to share it with the group.
| 
XML site map