And now for something completely different :-) For at least several months I have been seeing a large number of empty mail transactions. Currently more than half of our connections consist only of an EHLO command. The client disconnects immediately after the response. Is anybody else noticing this? If so, do you have an idea what this is about? It looks like some kind of fingerprinting of course, but I'm curious why so many are interested in the version of our mail server and the extensions it supports. Maybe a worm trying to find a specific vulnerable SMTP server? hp -- _ | Peter J. Holzer | Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | hjp at hjp.at | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd
Attachment:
pgpgBUjbQAVXS.pgp
Description: PGP signature
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg