On Wednesday, Apr 9, 2003, at 12:32 Europe/London, Brad Spencer wrote:
I can't explain, but all he did was HELO and QUIT, no message. It
makes some small amount of sense to verify you can get through the
proxy to port 25 someplace, I suppose, but for the real answer you'd
need to ask Mr. Spammer.
It was a doubly dumb thing for the spammer to do. First dumb is that
of all the IPs he could have picked he picked mine, where I pay
attention to the logs. The second dumb is that my MTA is old and
stupid - it can only listen to one source at a time. At the time of
these tests the MTA was also busy accepting relay spam so the testing
spammer would have to wait until that long, long transaction finished
to make his connection. That was delayed. As he surely did it using
an automated procedure the effect was just one of inefficiency - he
didn't lose personal time.
That still doesn't explain how you can build an open proxy honeypot.
This is still about an open relay honeypot. Please explain in terms of
*just* an open proxy honeypot.
Matt.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg