[103261] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Looking for Clue at Earthlink

daemon@ATHENA.MIT.EDU (Barry Shein)
Mon Mar 24 17:40:28 2008

From: Barry Shein <bzs@world.std.com>
Date: Mon, 24 Mar 2008 17:31:54 -0400
To: Rob Szarka <szlists@szarka.org>
Cc: nanog@merit.edu
In-Reply-To: <200803241519.m2OFJ96Y042861@hustle.szarka.net>
Errors-To: owner-nanog@merit.edu



On March 24, 2008 at 11:19 szlists@szarka.org (Rob Szarka) wrote:
 > 
 > 
 > If someone here is from Earthlink, or knows someone who is, please 
 > get in touch with me off-list. I have a mail-related issue to 
 > resolve. (Sadly the ARIN-listed contact is not valid and mail to 
 > postmaster seems to go into the same black hole as mail to abuse.)
 > 
 > Specifically, the issue relates to the servers in 209.86.89.0/24, in 
 > case anyone here is already aware of an issue with the servers in 
 > this block and can help.

Do you mean how they're pwned and just spew dictionary attacks?

It comes and goes tho mostly comes.

Mar 24 17:09:37 pcls5 sendmail[23040]: NOUSER: kprice5 relay=elasmtp-junco.atl.sa.earthlink.net [209.86.89.63]
Mar 24 17:18:19 pcls5 sendmail[4351]: accept: 25 elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:30 pcls5 sendmail[4351]: NOUSER: kpm relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:33 pcls5 sendmail[4351]: NOUSER: kpm1 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:36 pcls5 sendmail[4351]: NOUSER: kpm10 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:39 pcls5 sendmail[4351]: NOUSER: kpm2 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:42 pcls5 sendmail[4351]: NOUSER: kpm3 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:24:41 pcls5 sendmail[13117]: accept: 25 elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:51 pcls5 sendmail[13117]: NOUSER: kpr relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:54 pcls5 sendmail[13117]: NOUSER: kpr1 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:57 pcls5 sendmail[13117]: NOUSER: kpr10 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:25:00 pcls5 sendmail[13117]: NOUSER: kpr2 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:25:03 pcls5 sendmail[13117]: NOUSER: kpr3 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]


-- 
        -Barry Shein

The World              | bzs@TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Login: Nationwide
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[103261] in North American Network Operators' Group

Re: Looking for Clue at Earthlink

daemon@ATHENA.MIT.EDU (Barry Shein)Mon Mar 24 17:40:28 2008

daemon@ATHENA.MIT.EDU (Barry Shein)
Mon Mar 24 17:40:28 2008