Andrew - Supernews wrote: > >>>>> "Wakko" == Wakko Warner <[EMAIL PROTECTED]> writes: > > Wakko> 2007-10-07 21:17:30 no IP address found for host > Wakko> spam.complaints.(888)292-3827.alltel.senior.support.ticket#2-940727661 > Wakko> (during SMTP connection from [216.96.39.144] I=[<removed>]:25) > > Wakko> Has anyone seen entries like this before? > > Of course, though the particular text in that one (which is from the > PTR record for 216.96.39.144) seems a little bit unusual.
It was odd that the 2nd time that IP connected, there was no rDNS PTR at all. > All it's telling you is that the PTR record for that IP didn't resolve > back to an IP address. I understand this. > Wakko> (I did remove my local host's IP from the line above. I'm not > Wakko> asking for support, just asking if anyone else has any similar > Wakko> entry) > > Plenty of spam attempts in my log from that IP, which is also listed in > CBL (and hence Spamhaus XBL and Zen), Spamcop and PSBL. It's clearly > infected with the Storm malware and sending spam in large quantities > (and has been doing so for at least several days). I don't check RBLs if there's no valid rDNS, I just defer (incase there's a dns problem) > What Alltel or whoever think they're trying to achieve with that rDNS > entry is a complete mystery to me, though. As it is to me as well, I posted this for comments about the name that was returned. I thought that ( ) and # weren't allowed in hostnames. -- Lab tests show that use of micro$oft causes cancer in lab animals Got Gas??? -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
