Hmmm -- a brute-force scan may have been a bad idea, but the idea may in fact be a good one. I'm thinking instead to extract from the sendmail logs all mail servers that connect to an ISP, and run a scan on them. Hopefully craft the return DNS entry such that it's obvious it's a legit test. Or simply to be inocuous. Test all relay's that connect to us, a few ISPs do that, and we might just have a large list of open SMTP servers to contact to fix their servers. Couple with a list of how to fix/upgrade the various server versions (including clueless NT ones), and we might actually make a dent. -Chris ========================================================== Chris Candreva -- chris@westnet.com -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/