spam & microsoft hotmail

**rviradia** · 02-17-2006, 01:33 PM

I noticed alot of connections from microsft IPs, so checked the exim_mainlog and found this (I blocked the entire microsoft /14 in the firewall to this server), what's the best way to track this down, I've looked throgh the all logs and processes running but can't find anything

Thanks in advance

2006-02-17 22:23:00 1FAB8x-00070t-2v mx2.hotmail.com [65.54.245.40]: Connection timed out
2006-02-17 22:23:00 1FAB8x-000713-89 mx4.hotmail.com [65.54.244.104]: Connection timed out
2006-02-17 22:23:00 1FAB8x-00072f-BB mx4.hotmail.com [65.54.244.232]: Connection timed out
2006-02-17 22:23:00 1FAB8x-00074C-Ed mx3.hotmail.com [65.54.245.72]: Connection timed out
2006-02-17 22:23:00 1FAB8x-00078r-IW mx4.hotmail.com [65.54.244.232]: Connection timed out
2006-02-17 22:23:04 1FAB91-0007Ap-O9 mx4.hotmail.com [65.54.244.104]: Connection timed out
2006-02-17 22:23:05 1FAB91-0007Ar-Rw mx4.hotmail.com [65.54.244.104]: Connection timed out
2006-02-17 22:23:05 1FAB91-0007Au-VE mx3.hotmail.com [65.54.245.72]: Connection timed out
2006-02-17 22:23:05 1FAB92-0007Az-1z mx1.hotmail.com [65.54.244.136]: Connection timed out
2006-02-17 22:23:05 1FAB92-0007B4-54 mx3.hotmail.com [65.54.244.200]: Connection timed out
2006-02-17 22:23:05 1FAB5z-000411-Hn mx4.hotmail.com [65.54.244.232]: Connection timed out
2006-02-17 22:23:05 1FAB5z-000414-Kt mx1.hotmail.com [65.54.244.8]: Connection timed out
2006-02-17 22:23:05 1FAB5z-000417-Nq mx3.hotmail.com [65.54.244.72]: Connection timed out
2006-02-17 22:23:06 1FAB5z-00041A-RJ mx1.hotmail.com [65.54.244.136]: Connection timed out
2006-02-17 22:23:06 1FAB60-00041F-4S mx3.hotmail.com [65.54.245.72]: Connection timed out
2006-02-17 22:23:12 1FAB65-0004DB-Sf mx4.hotmail.com [65.54.245.104]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DD-02 mx2.hotmail.com [65.54.244.168]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DG-36 mx2.hotmail.com [65.54.245.40]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DK-6o mx3.hotmail.com [65.54.244.200]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DN-A9 mx4.hotmail.com [65.54.245.104]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DP-CI mx1.hotmail.com [65.54.244.136]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004DT-Fg mx2.hotmail.com [65.54.244.40]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004Da-Ly mx4.hotmail.com [65.54.245.104]: Connection timed out
2006-02-17 22:23:12 1FAB66-0004Dd-P2 mx2.hotmail.com [65.54.244.168]: Connection timed out
2006-02-17 22:23:17 1FAB6A-0004Pg-Vo mx3.hotmail.com [65.54.245.72]: Connection timed out
2006-02-17 22:23:17 1FAB6B-0004Pk-3C mx3.hotmail.com [65.54.244.72]: Connection timed out
2006-02-17 22:23:17 1FAB9E-0007RY-JZ mx1.hotmail.com [65.54.244.8]: Connection timed out
2006-02-17 22:23:17 1FAB6B-0004Pt-9y mx3.hotmail.com [65.54.244.200]: Connection timed out

also noticed this:

2006-02-17 22:36:50 1FABPN-0005JG-VM <= ãäÊÏíÇÊãÚåÏÇáÈÍÑíäshaker1985h@hotmail.com H=localhost [127.0.0.1] P=smtp S=2318
2006-02-17 22:36:50 1FABPO-0005JI-33 <= ãäÊÏíÇÊãÚåÏÇáÈÍÑíäshaker1985h@hotmail.com H=localhost [127.0.0.1] P=smtp S=2320
2006-02-17 22:36:50 1FABPO-0005Jq-64 <= ãäÊÏíÇÊãÚåÏÇáÈÍÑíäshaker1985h@hotmail.com H=localhost [127.0.0.1] P=smtp S=2312
2006-02-17 22:36:50 1FABPO-0005Jt-8w <= ãäÊÏíÇÊãÚåÏÇáÈÍÑíäshaker1985h@hotmail.com H=localhost [127.0.0.1] P=smtp S=2317
2006-02-17 22:36:50 1FABPO-0005Jx-CP <= ãäÊÏíÇÊãÚåÏÇáÈÍÑíäshaker1985h@hotmail.com H=localhost [127.0.0.1] P=smtp S=2315

**lloyd_tennison** · 02-21-2006, 04:48 PM

I actually asked Msn a couple of month ago and was told that error means they are getting too much email at the same time - usually virus bounces. I get messages like that all the time with my mailing lists, and Msn and I traced a couple and verified that is what the problem was.

So, when you see a new virus out - expect it.

Yahoo does the same thing. Their error message is the same.

You could also be forwarding or sending SPAM - with that email address you show, although Hotmail does not block much. They just blackhole it.

**rviradia** · 02-21-2006, 05:13 PM

I found that the bounces said the mailer was X-Mailer: IPB PHP Mailer (invision board), never did figure out how to stop it except blackhole hotmail.

Originally Posted by lloyd_tennison

I actually asked Msn a couple of month ago and was told that error means they are getting too much email at the same time - usually virus bounces. I get messages like that all the time with my mailing lists, and Msn and I traced a couple and verified that is what the problem was.

So, when you see a new virus out - expect it.

Yahoo does the same thing. Their error message is the same.

You could also be forwarding or sending SPAM - with that email address you show, although Hotmail does not block much. They just blackhole it.

Forums

Thread: spam & microsoft hotmail

LinkBack

Thread Tools

spam & hotmail

Similar Threads

New Hotmail Spam

hotmail mark as Spam

Hotmail Spam Blacklist

Spam Emails bounce to me when send from a microsoft server.

Bug in Exim SMTP sending spam with mail.microsoft.com

cPanel & WHM

Enkompass

Help

Community

Company

Connect with Us