On Thu, 21 Aug 2003 15:18:06 GMT, Lucky Leavell <luckyunixpress.com>
Nope, we're all winners :-)>I have received hundreds of emails from a single IP address with forged
>names since yesterday. The subject is usually something like "Re: Approved"
>or "That Movie", etc. Initially there was an approx. 100K attachment (what
>is a PIF file anyway?) but now they refer to an attachment that isn't there.
>First, my set up:
> Firewall: MultiTech RF550VPN with only port 25 open
> Mail Server: UnixWare 7.1.0 with ptf7130e installed
> (I had to use my old sendmail.cf file as the new one
> would not allow inbound mail and I don't speak sendmail.)
>The domains are sometimes those of companies I have received mail from in
>the past with bogus user names, e.g., [email]bogussupplier.com[/email]. While I do have a
>M$ system on my LAN, it is never allowed to touch email; that is entirely
>done from my UW7 and OSR5 systems. I do occasionally use it for browsing
>when IE is required due to backwards web sites I must sometimes access;
>otherwise I use Mozilla from SCO Linux or M$.
>I have successfully put a stop to the messages showing up by adding a
>Received: line in my .maildelivery file with the single IP address.
>Question: Is this a fluke and I am the "winner" chosen to receive this ilk
>or is this a coordinated attack? (The messages are not "normal" spam in that
>they do not attempt to sell anything or lead me to their web site; it just
>slows my systems down processing the trash.)
>I also have a much smaller number of delivery failed messages where it uses
>my return address in the From: line with the same bogus email addresses in
>To: line. (This bothers me more than the in bound garbage; I do not want my
>system used to inundate any one else' system. Perhaps low bandwidth does
>have its benefits!)
>Lucky Leavell Phone: (800) 481-2393 (US/Canada)
>UniXpress - Your Source for SCO OR: (812) 366-4066
>1560 Zoar Church Road NE FAX: (812) 366-3618
>Corydon, IN 47112-7374 Email: [email]luckyUniXpress.com[/email]
>WWW Home Page: [url]http://www.UniXpress.com[/url]