ORBS Relay "Test" FCN ATTACK
To whom it may concern, At 16:31 EST, an attempt to do unauthorized mail relaying through the scriba.org/FCN.NET server was made from your system. None of your users have been authorized to do so, and as such, it is being viewed at as a very serious matter. This server does not authorize non-local users to relay mail. Attempts, however, are logged. Allow us to remind you that the use of other people's domain and user names may be pursued in a court of law for breach of international copyright laws and impersonation. Today's attack was very distasteful in behavior: not closing connections properly, no proper from-line in the SMTP envelope, non-local user relay attempt, and on top of this several attempts in very few seconds. Attempting to do anything like this again may cause a lawsuit for the attempt of breaking the system. Please halt this activitiy, or risk legal action. Gard SCRIBA/FCN System Administrator PS - We have repeatedly tried to e-mail the originators of the attack but our mail has been filtered from this site. Further, our server has been attacked several time more over the course of this afternoon. We have several reccomendations to make to other people who may wish to work more constructively in this regard: - If you wish to engage in these activities obtain the permission of the Server Admin *before* attacking their machines. - Keep a database of servers you have tested (after obtaining permission) for future referance and do not repeat your actions. respectfully, Bob Allisat Free Community Network _ bob@fcn.net . http://fcn.net http://fcn.net/allisat _ http://fcn.net/draft To: <orbs@dorkslayers.com>, <nanog@merit.edu> Cc: <abuse@dorkslayers.com>, <postmaster@dorkslayers.com>, <admin@dorkslayers.com>, <abuse@simkin.com, postmaster@simkin.com>, <admin@simkin.com>, <sword@dorkslayers.com>, <ahodgson@simkin.com> ________________________________________________________________ ---------- Forwarded message ---------- Return-Path: junkmail Received: (from root@localhost) by scriba.org (8.8.5/8.7.3) id QAA23362 for junkmail; Thu, 19 Nov 1998 16:32:02 -0500 Received: from [199.175.137.111:2905] by scriba.org with SLIME; Thu Nov 19 16:32:01 1998 X-Slime-scriba.org: Sender= To: dorktest@dorkslayers.com From: sender@dorkslayers.com Date: Sun, 12 Jul 1998 01:51:21 GMT X-Token: closhouv X-Envelope-Sender: <null> Message-Id: <208.222.122.049@skynet.simkin.com> Subject: ORBS Relay Test X-Slime-Status: Junk X-Slime-Recepients: <dorktest@dorkslayers.com> This program tests for open relays. Open relays will automatically be added to the Dorkslayers Open Relay Blocking List (see http://www.dorkslayers.com/orbs/). Do not use the above addresses to contact me - use orbs@dorkslayers.com. ---------- Slime LOG ---------- Thu Nov 19 16:31:30 1998 slime [199.175.137.111:2892] Connect Thu Nov 19 16:31:31 1998 slime [199.175.137.111:2892] : HELO skynet.simkin.com Thu Nov 19 16:31:31 1998 slime [199.175.137.111:2892] : MAIL FROM: <sender@dorkslayers.com> Thu Nov 19 16:31:31 1998 slime [199.175.137.111:2892] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:31 1998 slime [199.175.137.111:2892] ERROR! Attempt to relay mail to <dorktest@dorkslayers.com> Thu Nov 19 16:31:31 1998 slime [199.175.137.111:2893] Connect Thu Nov 19 16:31:32 1998 slime [199.175.137.111:2893] : HELO skynet.simkin.com Thu Nov 19 16:31:34 1998 slime [199.175.137.111:2893] : MAIL FROM: <> Thu Nov 19 16:31:34 1998 slime [199.175.137.111:2893] ERROR! No @ sign in from: <> Thu Nov 19 16:31:34 1998 slime [199.175.137.111:2893] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:35 1998 slime [199.175.137.111:2893] : DATA Thu Nov 19 16:31:35 1998 slime [199.175.137.111:2893] From=junkmail Rcpt=junkmail Thu Nov 19 16:31:35 1998 slime [199.175.137.111:2893] Sendmail=0 Thu Nov 19 16:31:36 1998 slime [199.175.137.111:2893] : QUIT Thu Nov 19 16:31:36 1998 slime [199.175.137.111:2893] Exiting Thu Nov 19 16:31:36 1998 slime [199.175.137.111:2895] Connect Thu Nov 19 16:31:37 1998 slime [199.175.137.111:2895] : HELO skynet.simkin.com Thu Nov 19 16:31:37 1998 slime [199.175.137.111:2895] : MAIL FROM: <sender@dorkslayers.com> Thu Nov 19 16:31:37 1998 slime [199.175.137.111:2895] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:37 1998 slime [199.175.137.111:2895] ERROR! Attempt to relay mail to <dorktest@dorkslayers.com> Thu Nov 19 16:31:38 1998 slime [199.175.137.111:2897] Connect Thu Nov 19 16:31:38 1998 slime [199.175.137.111:2897] : HELO skynet.simkin.com Thu Nov 19 16:31:38 1998 slime [199.175.137.111:2897] : MAIL FROM: <> Thu Nov 19 16:31:38 1998 slime [199.175.137.111:2897] ERROR! No @ sign in from: <> Thu Nov 19 16:31:38 1998 slime [199.175.137.111:2897] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:39 1998 slime [199.175.137.111:2897] : DATA Thu Nov 19 16:31:40 1998 slime [199.175.137.111:2897] From=junkmail Rcpt=junkmail Thu Nov 19 16:31:40 1998 slime [199.175.137.111:2897] Sendmail=0 Thu Nov 19 16:31:40 1998 slime [199.175.137.111:2897] : QUIT Thu Nov 19 16:31:40 1998 slime [199.175.137.111:2897] Exiting Thu Nov 19 16:31:45 1998 slime [199.175.137.111:2898] Connect Thu Nov 19 16:31:48 1998 slime [199.175.137.111:2898] : HELO skynet.simkin.com Thu Nov 19 16:31:49 1998 slime [199.175.137.111:2898] : MAIL FROM: <sender@dorkslayers.com> Thu Nov 19 16:31:49 1998 slime [199.175.137.111:2898] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:49 1998 slime [199.175.137.111:2898] ERROR! Attempt to relay mail to <dorktest@dorkslayers.com> Thu Nov 19 16:31:49 1998 slime [199.175.137.111:2899] Connect Thu Nov 19 16:31:50 1998 slime [199.175.137.111:2899] : HELO skynet.simkin.com Thu Nov 19 16:31:50 1998 slime [199.175.137.111:2899] : MAIL FROM: <> Thu Nov 19 16:31:50 1998 slime [199.175.137.111:2899] ERROR! No @ sign in from: <> Thu Nov 19 16:31:52 1998 slime [199.175.137.111:2899] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:52 1998 slime [199.175.137.111:2899] : DATA Thu Nov 19 16:31:52 1998 slime [199.175.137.111:2899] From=junkmail Rcpt=junkmail Thu Nov 19 16:31:53 1998 slime [199.175.137.111:2899] Sendmail=0 Thu Nov 19 16:31:53 1998 slime [199.175.137.111:2899] : QUIT Thu Nov 19 16:31:53 1998 slime [199.175.137.111:2899] Exiting Thu Nov 19 16:31:54 1998 slime [199.175.137.111:2902] Connect Thu Nov 19 16:31:55 1998 slime [199.175.137.111:2902] : HELO skynet.simkin.com Thu Nov 19 16:31:55 1998 slime [199.175.137.111:2902] : MAIL FROM: <sender@dorkslayers.com> Thu Nov 19 16:31:56 1998 slime [199.175.137.111:2902] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:56 1998 slime [199.175.137.111:2902] ERROR! Attempt to relay mail to <dorktest@dorkslayers.com> Thu Nov 19 16:31:57 1998 slime [199.175.137.111:2903] Connect Thu Nov 19 16:31:57 1998 slime [199.175.137.111:2903] : HELO skynet.simkin.com Thu Nov 19 16:31:57 1998 slime [199.175.137.111:2903] : MAIL FROM: <> Thu Nov 19 16:31:57 1998 slime [199.175.137.111:2903] ERROR! No @ sign in from: <> Thu Nov 19 16:31:57 1998 slime [199.175.137.111:2903] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:31:58 1998 slime [199.175.137.111:2903] : DATA Thu Nov 19 16:31:58 1998 slime [199.175.137.111:2903] From=junkmail Rcpt=junkmail Thu Nov 19 16:31:58 1998 slime [199.175.137.111:2903] Sendmail=0 Thu Nov 19 16:31:59 1998 slime [199.175.137.111:2903] : QUIT Thu Nov 19 16:31:59 1998 slime [199.175.137.111:2903] Exiting Thu Nov 19 16:31:59 1998 slime [199.175.137.111:2904] Connect Thu Nov 19 16:32:00 1998 slime [199.175.137.111:2904] : HELO skynet.simkin.com Thu Nov 19 16:32:00 1998 slime [199.175.137.111:2904] : MAIL FROM: <sender@dorkslayers.com> Thu Nov 19 16:32:00 1998 slime [199.175.137.111:2904] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:32:00 1998 slime [199.175.137.111:2904] ERROR! Attempt to relay mail to <dorktest@dorkslayers.com> Thu Nov 19 16:32:01 1998 slime [199.175.137.111:2905] Connect Thu Nov 19 16:32:01 1998 slime [199.175.137.111:2905] : HELO skynet.simkin.com Thu Nov 19 16:32:01 1998 slime [199.175.137.111:2905] : MAIL FROM: <> Thu Nov 19 16:32:01 1998 slime [199.175.137.111:2905] ERROR! No @ sign in from: <> Thu Nov 19 16:32:01 1998 slime [199.175.137.111:2905] : RCPT TO: <dorktest@dorkslayers.com> Thu Nov 19 16:32:02 1998 slime [199.175.137.111:2905] : DATA Thu Nov 19 16:32:02 1998 slime [199.175.137.111:2905] From=junkmail Rcpt=junkmail Thu Nov 19 16:32:02 1998 slime [199.175.137.111:2905] Sendmail=0 Thu Nov 19 16:32:03 1998 slime [199.175.137.111:2905] : QUIT Thu Nov 19 16:32:03 1998 slime [199.175.137.111:2905] Exiting Thu Nov 19 16:32:31 1998 slime [199.175.137.111:2892] Idle too long - closing Thu Nov 19 16:32:37 1998 slime [199.175.137.111:2895] Idle too long - closing Thu Nov 19 16:32:49 1998 slime [199.175.137.111:2898] Idle too long - closing Thu Nov 19 16:32:56 1998 slime [199.175.137.111:2902] Idle too long - closing Thu Nov 19 16:33:01 1998 slime [199.175.137.111:2904] Idle too long - closing ---------- Further information ---------- Internic information for dorkslayers.com: Dorkslayers International (DORKSLAYERS-DOM) 1430 - 405 Granville St. Vancouver, BC V6C 1T2 CA Domain Name: DORKSLAYERS.COM Administrative Contact, Technical Contact, Zone Contact: Sword, Dorkslayers (DS6585) sword@DORKSLAYERS.COM +1 (604) 555-5555 (FAX) +1 (604) 555-5555 Billing Contact: Sword, Dorkslayers (DS6585) sword@DORKSLAYERS.COM +1 (604) 555-5555 (FAX) +1 (604) 555-5555 199.175.137.111 is skynet.simkin.com Internic information for simkin.com: Simkin Network Consulting (SIMKIN-DOM) Suite 1430, 405 Granville St. Vancouver, BC V6C 1T2 CA Domain Name: SIMKIN.COM Administrative Contact, Technical Contact, Zone Contact: Hodgson, Alan J [Systems Specialist] (AH52) ahodgson@SIMKIN.COM +1 (604) 555-1234 ext. 103 (FAX) +1 (604) 555-4321 Billing Contact: Hodgson, Alan J [Systems Specialist] (AH52) ahodgson@SIMKIN.COM +1 (604) 555-1234 ext. 103 (FAX) +1 (604) 555-4321 Information on 199.175.137.111 from ARIN [No name] (SKYNE7-HST) SKYNET.SIMKIN.COM 199.175.137.111 ________________________________________________________________ Bob Allisat Free Community Network _ bob@fcn.net . http://fcn.net http://fcn.net/allisat _ http://fcn.net/draft
participants (1)
-
Bob Allisat