My spamd (https://man.openbsd.org/spamd, not the other one) entangled scriptery just alerted me to this:
Aug 12 09:24:19 skapet spamd[84915]: 45.142.230.249: connected (134/129) Aug 12 09:24:30 skapet spamd[84915]: (GREY) 45.142.230.249: <[email protected]> -> <[email protected]> Aug 12 09:24:30 skapet spamd[15665]: new entry 45.142.230.249 from <[email protected]> to <[email protected]>, helo vr.vrfintelligence.es Aug 12 09:24:30 skapet spamd[84915]: 45.142.230.249: disconnected after 11 seconds. Aug 12 09:24:33 skapet spamd[84915]: 45.142.230.249: connected (149/145) Aug 12 09:24:44 skapet spamd[84915]: (GREY) 45.142.230.249: <[email protected]> -> <[email protected]> Aug 12 09:24:44 skapet spamd[15665]: new entry 45.142.230.249 from <[email protected]> to <[email protected]>, helo vr.vrfintelligence.es Aug 12 09:24:44 skapet spamd[84915]: 45.142.230.249: disconnected after 11 seconds. that is, poking with something they obviously generated themselves or were suckered into buying, and then poking an actually deliverable address, so far not to be seen again, so never (or at least not yet) passing greylisting. Does anybody here know this outfit or recognize a pattern other than "clueless spammer"? And in case you were wondering, that first one will be added to the usual place (https://nxdomain.no/~peter/traplist.shtml) when I have dealt with more urgent matters. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
