Hi! This is the ezmlm program. I'm managing the
incidentssecurityfocus.com mailing list.

I'm working for my owner, who can be reached
at incidents-ownersecurityfocus.com.

Messages to you from the incidents mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.

If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the incidents mailing list,
without further notice.

I've kept a list of which messages from the incidents mailing list have
bounced from your address.

Copies of these messages may be in the archive.

To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
   <incidents-get.123_145securityfocus.com>

To receive a subject and author list for the last 100 or so messages,
send an empty message to:
   <incidents-indexsecurityfocus.com>

Here are the message numbers:

   3745

--- Enclosed is a copy of the bounce message I received.

Return-Path: <>
Received: (qmail 23155 invoked from network); 22 Jul 2002 20:11:39 -0000
Received: from unknown (HELO securityfocus.com) (66.38.151.9)
  by lists.securityfocus.com with SMTP; 22 Jul 2002 20:11:39 -0000
Received: (qmail 17632 invoked by alias); 22 Jul 2002 20:09:07 -0000
Received: (qmail 17621 invoked from network); 22 Jul 2002 20:09:07 -0000

  by mail.securityfocus.com with SMTP; 22 Jul 2002 20:09:07 -0000

        id D5CDC180D0; Mon, 22 Jul 2002 15:17:34 -0500 (CDT)
Date: Mon, 22 Jul 2002 15:17:34 -0500 (CDT)

Subject: Undelivered Mail Returned to Sender

MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;

This is a MIME-encapsulated message.

Content-Description: Notification
Content-Type: text/plain

I'm sorry to have to inform you that the message returned
below could not be delivered to one or more destinations.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the message returned below.

                        The Postfix program

    /home/httpd/archives-mbox/current.mbox: error writing message: File too
    large

Content-Description: Delivery error report
Content-Type: message/delivery-status

Arrival-Date: Mon, 22 Jul 2002 15:17:34 -0500 (CDT)

Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; cannot append message to destination file
    /home/httpd/archives-mbox/current.mbox: error writing message: File too
    large

Content-Description: Undelivered Message
Content-Type: message/rfc822

Received: from outgoing.securityfocus.com (outgoing2.securityfocus.com [66.38.151.26])


Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.19])
        by outgoing.securityfocus.com (Postfix) with QMQP
        id 2C82C8F2BD; Mon, 22 Jul 2002 13:24:20 -0600 (MDT)
Mailing-List: contact incidents-helpsecurityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <incidents.list-id.securityfocus.com>
List-Post: <mailto:incidentssecurityfocus.com>
List-Help: <mailto:incidents-helpsecurityfocus.com>
List-Unsubscribe: <mailto:incidents-unsubscribesecurityfocus.com>
List-Subscribe: <mailto:incidents-subscribesecurityfocus.com>
Delivered-To: mailing list incidentssecurityfocus.com
Delivered-To: moderator for incidentssecurityfocus.com
Received: (qmail 22382 invoked from network); 22 Jul 2002 20:08:24 -0000
Sender: paulgeargear03.gear.dyndns.org
Message-ID: <3D3C6794.3A0E992Egear.dyndns.org>
Date: Tue, 23 Jul 2002 06:14:12 +1000
From: Paul Gear <paulgear.dyndns.org>
X-Mailer: Mozilla 4.79 [en] (X11; U; Linux 2.4.18-5 i686)
X-Accept-Language: en
MIME-Version: 1.0
To: incidents.13web-cities.net
Cc: incidentssecurityfocus.com
Subject: Re: China Experience ?
References: <FB1F64412FB78D46A1630FE40D483EAFEA2EBDmitnoc01n2> <031a01c2319e$759ea440$624cbcd8mschwarz2>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)

incidents.nospam13web-cities.net wrote:

> How many of you blackhole ISP's?
> I blackhole generic stuff like on the secure IOS templates but never really
> considered this.
> Anyone have a blackhole lists that they can share?

dshield.org provide a semi-automatically-maintained blacklist on their site,
based on the attackers who most frequently show up in their database. I've not
used it, but it looks fairly sensible.

Paul
http://paulgear.webhop.net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]