[Tfug] Qmail and Open Relay
Felix Tilley
fetilley at earthlink.net
Sat Jun 9 20:45:36 MST 2007
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 08 Jun 2007 21:04:16 -0700
> From: kelley g <services at toasterz.com>
> Subject: Re: [Tfug] Qmail and Open Relay
> To: tfug at tfug.org
> Message-ID: <466A26C0.30804 at toasterz.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> <snip>
>> If it is a contact form would the emails appear with:
>>
>> Received: from 202.99.204.66 by h0000000 (envelope-from <>, uid 64011)
>> with qmail-scanner-1.25st
>>
>> The IP address 202.99.204.66 is not ours. It appears to be somewhere in
>> China.
>>
>> Andy
Correct. This is in China, and the whole CIDR should be be blocked.
Any net called China169 should be firewalled.
whoarin 202.99.204.66
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU
[snip]
netnum: 202.99.204.66 - 202.99.204.66
netname: yifuxiaoxue
country: CN
descr: shanxi yuncheng yifuxiaoxue
admin-c: YC1161-AP
tech-c: YC1161-AP
status: ASSIGNED NON-PORTABLE
changed: yuncheng at public.yc.sx.cn 20070510
mnt-by: MAINT-CNCGROUP-SX
source: APNIC
route: 202.99.192.0/19
descr: CNC Group CHINA169 Shanxi Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse at cnc-noc.net 20060118
source: APNIC
person: yun cheng
nic-hdl: YC1161-AP
e-mail: yuncheng at public.yc.sx.cn
address: Shanxi Yuncheng
phone: +86-359-2060349
fax-no: +86-359-2025344
country: CN
changed: yuncheng at public.yc.sx.cn 20070424
mnt-by: MAINT-CNCGROUP-SX
source: APNIC
More information about the tfug
mailing list