[176454] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Transparent hijacking of SMTP submission...

daemon@ATHENA.MIT.EDU (Marcin Cieslak)
Sat Nov 29 16:43:46 2014

X-Original-To: nanog@nanog.org
Date: Sat, 29 Nov 2014 21:43:33 +0000
From: Marcin Cieslak <saper@saper.info>
To: joel jaeggli <joelja@bogus.com>
In-Reply-To: <54778167.7080808@bogus.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

On Thu, 27 Nov 2014, joel jaeggli wrote:

> I don't see this in my home market, but I do see it in someone else's...
> I kind of expect this for port 25 but...
> 
> J@mb-aye:~$telnet 147.28.0.81 587
> Trying 147.28.0.81...
> Connected to nagasaki.bogus.com.
> Escape character is '^]'.
> 220 nagasaki.bogus.com ESMTP Sendmail 8.14.9/8.14.9; Thu, 27 Nov 2014
> 19:17:44 GMT
> ehlo bogus.com
> 250-nagasaki.bogus.com Hello XXXXXXXXXXXXXXX.wa.comcast.net
> [XXX.XXX.XXX.XXX], pleased to meet you
> 250 ENHANCEDSTATUSCODES

Seen some anti-virus software (on Windows) doing this.
You might not be running Windows though. Some home
router with some "security improvement" ?

//Marcin


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[176454] in North American Network Operators' Group

Re: Transparent hijacking of SMTP submission...

daemon@ATHENA.MIT.EDU (Marcin Cieslak)Sat Nov 29 16:43:46 2014

daemon@ATHENA.MIT.EDU (Marcin Cieslak)
Sat Nov 29 16:43:46 2014