SMTP Fraud

Sent out emails to alot of my contacts (from what I can see) Luckily, Gmail notified me and was recommended to change my password. ...

Our address book is being used to send spam emails which appear to originate from our address. Changing passwords has not helped so the address book must have been stolen....

Sent me a spam email from \"myself\", loser. Hotmail picked it up and sent it to the trash. I think somehow my stalker did this though but am not sure....

Someone recently tried to use an application to sign in to your Google Account, wingman723@gmail.com. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please...

This IP was Hijack and now is very bad.. spiking up my server trying to carsh it... ban for ever. sorry Wellstar Health System keep your eyes on your IPS...

http://www.improsys.com/live_sites this lists sites they are running on, and also they have high profile paid customers that they don\'t list They must use improsys to spam our email and send out soli...

They have been using my address book to send spam as me, they re asking for money I am reporting this to the FTC. They illeglly obtained my password and commited Identitiy theft...

The email server at nutricao@ceuma.br has been compromised by villains and they have hacked into nutricao@ceuma.br and spoofed my email address in to their mail server so that I receive emails that ar...

Sendmail log forged attempt static-50-46-72-58.evrt.wa.frontiernet.net [50.46.72.58] (may be forged): EXPN root [rejected]: 1 Time(s) static-50-46-72-58.evrt.wa.frontiernet.net [50.46.72.58] (may ...

this ip is doing smtp pop3 brute force password probing - probably compromised server that is now being used for attacks - it needs to be shut down ...

Another SMTP was detected. My GMail appears to have been hacked again. This appears to be related to the blank pdf virus attachment that has been circulating through the web. This is the 2nd time that...

icare7@amcustomercare.att-mail.com att.com | Support | My AT&T Account Rethink Possible Your wireless bill is ready to view Dear Customer, Your monthly wireless bill for your account is now ava...

My email address was hijacked and my contacts were spammed from this ip address. They were trying to direct people to a Breakout Income System video....

I recieved an email from a friend who died last month... From: Louise Cook [mailto:cook_louise@msn.com] Sent: Monday, April 16, 2012 7:24 PM To: dscottc@yahoo.com; susie.broadwater@yahoo.com; jenhodg...

--------------------- pam_unix Begin ------------------------ dovecot: Authentication Failures: office rhost=113.21.64.27 : 108 Time(s) backup rhost=113.21.64.27 : 72 Time(s) co...

sending out email using my email address. I do not konw how to stop this. Do I changw my user name and password. Or should I just close the email account. Please respond as soon as possible. I delete ...

sending out email using my email address. I do not konw how to stop this. Do I changw my user name and password. Or should I just close the email account. Please respond as soon as possible. I de...

hacking into my account there are a lot of others as well, all using \"SMTP\", they get in and they are reading all my emails...

Also hacked my email account. sent out spam emails using IMAP and SMTP service, using all the contacts i have listed or have ever sent to. google managed to block most/all? of them, came back as undel...

more then 100 times a day form this ip for almost a week now. the domain name realted to the up is studentfiles.de . ....

My email was hacked by this ip address. It sent blank .pdfs containing a virus to all of my contacts. It is a burden for me and to everyone who received these emails. Anyone who is looking to ruin som...

they twice (access by SMTP then IMAP) hacked into my gmail account May 24th, was alerted to suspicious activity and emails returned to my address that these/this scumballs sent out. ...

maillog:Mar 15 13:44:50 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<testuser>, method=PLAIN, rip=68.213.0.93, lip=113.28.55.95 maillog:Mar 15 13:44:53 113-28...

Hacked Gmail Account and used it to send spam to every user in my contact list. Also changed out of office to send a spam message....

Hacked my Gmail account and sending pdf virus attachment. IP address is shown using the following smtp transactions: Received: from localhost.localdomain (gatehouse.cambridgema.gov. [204.167.92.26]) ...

MANY SUB DOMAINS WITH THOUSANDS OF FRAUD MAIL EVERY DAY. www. emagu .ro with many sub-domains www. corpul - perfect. ro www. mansales. ro www. oat .ro Please report. ...

This Ip is always trying to connect to my server to send spam 31.184.244.26 - - [06/Mar/2012:14:17:04 -0500] \"POST /1e2f.php HTTP/1.1\" 404 - \"-\" \"-\" 31.184.244.26 ...

Sender from this IP is claiming to be the US Treasury Department. Received: from [74.92.68.33] (account igor HELO User) by kpsb.ru (CommuniGate Pro SMTP 4.2.10) with ESMTP id 640726; Tue, 21 Feb...

The person attached to this phone is useing it to scam hard working familys out of there money by lying that he owns renatl property and asking for deposits and nothing is ever received in return!!...

Please check the mentioned IP, I have received a fake email from Amazon with the above IP masked as below: You just canceled order #198-915882-7658795 placed on February 20, 2012. #198-915882-765879...

Port scanning 80.101.51.237 PSNG_UDP_FILTERED_PORTSCAN ...

A user who created a phishing mail account related to the provided IP hacked into mail account and performed a \"Mugged in London\" scam, posing as the legitimate account owner an asking for...

SMTP connections via stolen or hacked email accounts. This IP was logged as authenticating into customer email accounts and using it to send spam out from our internal system. ...

Beware of this ip address. He is collecting information through email address, spamming. He will also invite you for a sex chat. His email ad is operations.marketingmaster@gmail.com and his name is Ed...

2011 release of NIKE FREE Run + 2 can be wrapped like a normal foot socks, breathable upper with a strong mesh fabric, the unique asymmetrical lacing design can ease the pressure on the instep and the...

This address is attempting to attack my mail server, and is making many attempts every minute. Has been for hours now. Please blacklist this IP. Thanks!...

This address is attempting to attack my mail server, and is making many attempts every minute. Has been for hours now. Please blacklist this IP. Thanks!...

Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185...

My Mail Server log a attack by SMTP from this IP: 116.235.97.42 My Mail Server log a attack by SMTP from this IP: 116.235.97.42 My Mail Server log a attack by SMTP from this IP: 116.235.97.42...

Sent out hundreds of emails to random addresses in the name of my account. Mail delevere failed messegas are returned to me. Seems to be sending even though my computer is turned off....

Dec 27 21:57:03 113-28-55-70 sendmail[7901]: ruleset=check_relay, arg1=[113.21.64.27], arg2=113.21.64.27, relay=[113.21.64.27], reject=550 5.7.1 Access denied Dec 27 21:57:10 113-28-55-70 dovecot: pop...

Spam E-mail messages were fradulently sent using my Yahoo! account to all members of my Yahoo! contact list. According to the headers, they were sent from IP 109.243.139.188...

There have been multiple hacking attempts and malicious attacks originating from the captured IP address listed (46.33.216.29) beginning December 18, 2011 on multiple accounts including Google, MSN an...

These guys are so smart for monkeys - NOT :) 14/12/11 12:08:39 PM - TCPIP - 222.254.253.71 14/12/11 12:08:40 PM - EHLO localhost 14/12/11 12:08:40 PM - MAIL FROM: <0-evoon.sg@wap-logistics.com>...

More dumb monkeys calling their servers \'Localhost\', ggggeee that is so tricky. Normal ppl would have tried something new, but these guys dont learn from their failures. Do they pay the monkeys in...

Well I have seen some fools but these guys take the cake & the icing as well, they have been trying to spam our SMTP servers for years. But they are so dumb that they are calling there servers \'...

Guys More baby hackers, 108 x SMTP conn & then Dis-conn These guys are so powerful I dont know how the SMTP server can take the pressure :) Were are all the real hackers ??? ...

EHLO windows AUTH LOGIN QUIT These guys are a joke, they are trying to login to our SMTP server x 10 times. They think that if they keeo trying them will be a winner L O S E R S !!!!!...

maillog:Dec 11 03:47:19 113-28-55-70 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<office>, method=PLAIN, rip=98.191.211.70, lip=113.28.254.254 maillog:Dec 11 03:47:30 113-2...

Another baby hacker, sucking on his dummy He has been SMTP connect & then SMTP disconnect x 42 times. Geee this is really scary, he almost crashed our server :) Were are the real hackers ?...

karen millen sale excellent company! Excellent seller and service! <H1><a href=\"http://www.salesnorthfaceonline.com/\" title=\"the north face\">the north face</a&gt...

Another baby hacker, sucking on his dummy He has been SMTP connect & then SMTP disconnect x 42 times. Geee this is really scary, he almost crashed our server :) Were are the real hackers ? ...

This IP tried to hack last days via smth auth command it used sevel tries for userid password sniffing. Checked this behavoir for the last several days....

Hi, We have been experiencing high volumes of emails in the send queue since yesterday, all from this particular ip: 96.57.114.194 We have changed the password for the user that was exploited (recept...

More than 5000 emails tried to be sent through our email server I can be contacted at info@anulatrans.lv for more details/logs etc. after blacklisting the ip: Nov 21 15:36:08 anulatrans kernel: [--...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

The IP-Adress: 200.71.210.151 Attempted to relay email through my unpublished SMTP server. Email from address was vreaumiel@yahoo.com and to sniffedpass@gmail.com The Helo Command looks came frome res...

maillog:Nov 12 06:48:15 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts ): user=<club>, method=PLAIN, rip=190.81.169.130, lip=113.28.254.254 maillog:Nov 12 06:48:15 113-...

Messages coming from this IP address seem to be spoofing gmail account users. {omitted} X-Env-Sender: Alicia.Rathers@gmail.com X-Msg-Ref: server-12.tower-196.messagelabs.com!1321037307!59116765!1 X-O...

My GMail account accessed, unauthorized. I\'m not sure how, but, on Nov 11 my account was accessed from this IP. I live in VA also!...

This guy is really a joke, another little baby, he is sending out directory harvest emails with \"Return Receipts\" set. He is also using a hotmail address - martinezgraf@hotmail.com Borin...

This guy is pathetic - he must have lost his rattle for a while :) He sent 69 SMTP disconnects one after another, then I guess he found his rattle !!!...

send mail using msn account, from this ip many mail are sent using msn accounts and spams all the user account, how to stop him ?...

Nov 1 04:25:15 scorpio postfix/smtpd[14624]: NOQUEUE: reject: RCPT from unknown[122.170.83.105]: 450 4.7.1 Client host rejected: cannot find your hostname, [122.170.83.105]; from=<postmaster@seibe...

This guy is getting really grumpy - he cant deliver any spam, not even into mail.box, cant get any in mate :) 22/10/2011 12:09:09 PM Opened TCP/IP connection from 212.227.85.161,56534 to x.x.x.x,25 ...

Oct 12 18:18:01 server pop3d: LOGIN FAILED, ip=[::ffff:124.217.227.100] Oct 12 18:18:10 server pop3d: LOGIN FAILED, ip=[::ffff:124.217.227.100] Oct 12 18:18:16 server pop3d: LOGIN FAILED, ip=[::ffff:1...

Oct 12 09:05:16 server pop3d: LOGIN FAILED, ip=[::ffff:209.225.189.154] Oct 12 09:05:16 server pop3d: LOGIN FAILED, ip=[::ffff:209.225.189.154] Oct 12 09:05:22 server pop3d: LOGIN FAILED, ip=[::ffff:2...

Oct 8 05:00:12 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<www>, method=PLAIN, rip=64.31.61.143, lip=113.28.254.254 Oct 8 05:00:22 113-28-55-70 dovecot: po...

Oct 3 15:32:15 113-28-55-70 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<pwrchute>, method=PLAIN, rip=96.9.170.40, lip=113.28.55.95 Oct 3 15:32:33 113-28-55-70 dovecot: i...

Was logged accessing my Comcast WebMail Account to send out Email to several contacts. Checked header on the outgoing Email that was found in my Sent Folders....

This IP is trying to relay though our mail server and flooding our connection. They are sending mail every second and trying to spam us....

PLEASE do something about this obvious mail fraud (email fraud).. They are sending spam using my/our credentials to people on my/our mailing lists.. Many people that I know have been greatly offended ...

Sep 26 20:50:01 113-28-55-70 sendmail[6924]: p8QCnqQK006924: adsl-71-158-240-190.dsl.pltn13.sbcgloba l.net [71.158.240.190] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Sep 26 20:50:54 1...

From - Fri Sep 16 09:04:08 2011 X-Account-Key: account11 X-UIDL: 22D51F98-DFEB-11E0-8CAC-001E0BCBB1E8 X-Mozilla-Status: 0001 X-Mozilla-Status2: 10000000 X-Mozilla-Keys: ...

Spam emails are being sent from this IP address using several yahoo.co.uk users emails as the From and To address. However the email originates from 77.230.137.15 (account 0-r.seymour@halliburton.com ...

151.63.58.51 sent pharma link by e-mail to all my contacts in my name. I noticed that while i got returned mails by hotmail that could not be delivered to some contacts....

Gmail shows me this ip address 41.114.157.161, is trying to get to my account after I recovered it when i got an email tricky an steel my old password....

Sep 3 10:53:06 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<lucas>, method=PLAIN, rip=207.135.190.69, lip=113.28.55.95 Sep 3 10:53:08 113-28-55-70 dovecot: ...

Aug 18 21:20:27 113-28-55-70 sendmail[30853]: ruleset=check_relay, arg1=[113.21.64.27], arg2=113.21.64.27, relay=[113.21.64.27], reject=550 5.7.1 Access denied Aug 18 21:20:33 113-28-55-70 dovecot: po...

Aug 16 08:23:27 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<adm in>, method=PLAIN, rip=66.240.170.87, lip=113.28.255.255 Aug 16 08:23:27 113-28-55-70 dovecot...

dovecot: Authentication Failures: access rhost=175.145.107.105 : 23 Time(s) lizdy rhost=175.145.107.105 : 23 Time(s) pwrchute rhost=175.145.107.105 : 23 Time(s) test rh...

yet another fraudulent attempt from nigeria. ongoing fraud reported in lagos lagos nigeria according to data received from originating IP address: 65.55.116.102. User is engaged in online fraud....

I keep recieving these e-mails from this , Person, demanding money, please stop this idiot before he does some real damage. thank you Michelle Moran...

admin rhost=207.210.92.22 : 7 Time(s) test rhost=207.210.92.22 : 5 Time(s) admins rhost=207.210.92.22 : 2 Time(s) guest rhost=207.210.92.22 : 2 Time(s) info rhost=207.210....

unwanted spam Return-path: <jaysondsi22@lsinter.net> Envelope-to: contact@rent-a-post.ca Delivery-date: Sat, 06 Aug 2011 05:45:13 -0500 Received: from [112.185.246.7] (helo=lsinter.net) by web2...

It is scanning my network. smtp and other. It scanning me from a day now and is using Apache Tomcat/Coyote JSP engine 1.1 in nmap -sV...

Owner of 38.110.147.30 is illegally accessing my email account. Kindly advise me on this issue.I checked on my activity account today,i found that he accessed my account more than 3 times at different...

Jul 23 01:45:40 scorpio postfix/smtpd[16735]: warning: hostname 212.114.95.218.broad.ja.jx.dynamic.163data.com.cn does not resolve to address 218.95.114.212: hostname nor servname provided, or not kno...

Here is a part of my log. 2010-10-04 01:40:13,776 INFO [Pop3Server-11979] [ip=109.228.12.12;] pop - connected 2010-10-04 01:40:14,518 INFO [Pop3Server-11979] [ip=109.228.12.12;] account - authenti...

http://theblockmachine.com/inc/486/play-it-again-sports.html play it again sports, 18841, http://nayanth.com/cgi-bin/30/yamaha-parts-online.html yamaha parts online, 35156, http://allistoolsystems.c...

http://zuanshiwang.com/include/16/mother-of-the-shakers.html mother of the shakers, 100312, http://computerservicemission.com/cp/15/eat-this-not-that.html eat this not that, 181502, http://ranjitrop...

http://nutrisourcenw.com/script/561/optimum-online-webmail.html optimum online webmail, azd, http://specialneeds-therapyproducts.com/host-images/674/richter-scale.html richter scale, 945963, http://...

http://vrcfitness.ca/modlogan/746/english-grammar-numbers-task.html english grammar numbers task, %-[[[, http://dymatrix.com/images/39/twink-teen-boys.html twink teen boys, rsftdh, http://inflatable...

http://fitnessclubsabbotsford.com/webalizer/349/intel-drivers.html intel drivers, :DD, http://oakhill.ca/.fp/47/nudist-gallery.html nudist gallery, ludgk, http://stableshop.com/modlogan/567/barack-o...

http://cineads.com/newsfeed/50/americans-for-prosperity.html americans for prosperity, 79171, http://babycareblog.info/wp-admin/57/reverse-gangbang.html reverse gangbang, %-[[[, http://digitalmedia-...

http://38.to/cp/88/index.html kiddie porn, bwvosx, http://portablecrusher.info/cp/25/urban-clothing.html urban clothing, 689, http://chilkoriver.com/modlogan/59/naked-massage-videos.html naked massa...

This email address sends email back to my server with this address \"noreply@gsmdm.org\" with an attachment containing virus. There is no such address in my email organization and my IP is 75.23.225...

This email address sends email back to my server with this address "noreply@gsmdm.org" with an attachment containing virus. There is no such address in my email organization and my IP is 75.23.225...

30/09/2010 11:38:39 PM Opened TCP/IP connection from 93.37.133.63,2263 to x.x.x.x,25 30/09/2010 11:38:39 PM Opened TCP/IP connection from 93.37.133.63,2265 to x.x.x.x,25 30/09/2010 11:38:39 PM Opene...

30/09/2010 10:31:16 PM Opened TCP/IP connection from 88.191.88.213,48254 to x.x.x.x,110 30/09/2010 10:31:16 PM Opened TCP/IP connection from 88.191.88.213,57798 to x.x.x.x,110 30/09/2010 10:31:16 PM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

20/09/2010 06:56:03 PM Opened TCP/IP connection from 190.179.169.196,3477 to x.x.x.x,25 20/09/2010 06:56:03 PM Opened TCP/IP connection from 190.179.169.196,3474 to x.x.x.x,25 20/09/2010 06:56:03 PM...

19/09/2010 01:15:32 AM Opened TCP/IP connection from 184.154.88.74,61418 to x.x.x.x,25 19/09/2010 01:15:32 AM Opened TCP/IP connection from 184.154.88.74,61422 to x.x.x.x,25 19/09/2010 01:15:32 AM O...

16/09/2010 01:40:16 PM Opened TCP/IP connection from 115.81.20.205,3710 to x.x.x.x,25 16/09/2010 01:40:16 PM Closed TCP/IP connection from 115.81.20.205,3710 to x.x.x.x,25 16/09/2010 01:40:17 PM SMT...

16/09/2010 06:09:32 PM Opened TCP/IP connection from 124.11.139.218,2218 to x.x.x.x,25 16/09/2010 06:09:32 PM Opened TCP/IP connection from 124.11.139.218,2213 to x.x.x.x,25 16/09/2010 06:09:32 PM O...

14/09/2010 09:28:34 AM Opened TCP/IP connection from 213.251.160.125,56703 to x.x.x.x,80 14/09/2010 09:28:34 AM Closed TCP/IP connection from 213.251.160.125,56703 to x.x.x.x,80 14/09/2010 09:28:34 ...

14/09/2010 05:58:28 AM Opened TCP/IP connection from 204.152.202.26,43237 to x.x.x.x,25 14/09/2010 05:58:28 AM Opened TCP/IP connection from 204.152.202.26,52819 to x.x.x.x,25 14/09/2010 05:58:28 AM...

13/09/2010 01:18:03 AM Opened TCP/IP connection from 60.8.11.54,46162 to x.x.x.x,25 13/09/2010 01:18:03 AM Opened TCP/IP connection from 60.8.11.54,46163 to x.x.x.x,25 13/09/2010 01:18:03 AM Opened ...

10/09/2010 05:22:21 AM Opened TCP/IP connection from 115.81.184.248,3935 to x.x.x.x,25 10/09/2010 05:22:21 AM Closed TCP/IP connection from 115.81.184.248,3935 to x.x.x.x,25 10/09/2010 05:22:22 AM S...

10/09/2010 05:22:19 AM Closed TCP/IP connection from 115.81.184.248,3860 to x.x.x.x,25 10/09/2010 05:22:20 AM SMTP Server [0ED0:0017-0AAC] Attempt to relay mail to starwae@hotmail.com rejected for po...

10/09/2010 05:05:45 AM Opened TCP/IP connection from x.x.x.x,3203 to 10.1.1.105,25 10/09/2010 05:05:46 AM SMTP Server [0ED0:0011-0178] Attempt to relay mail to superedm001@yahoo.com.tw rejected for p...

09/09/2010 02:53:58 PM Opened TCP/IP connection from 124.11.139.118,4346 to x.x.x.x,25 09/09/2010 02:54:00 PM SMTP Server [0ED0:0008-083C] Attempt to relay mail to vbibirom@gmail.com rejected for pol...

06/09/2010 04:06:36 AM Opened TCP/IP connection from 114.45.0.94,1909 to x.x.x.x,25 06/09/2010 04:06:36 AM Opened TCP/IP connection from 114.45.0.94,1912 to x.x.x.x,25 06/09/2010 04:06:36 AM Opened ...

We have told yahoo over & over & over that this is happening, maybe they are in the hacking business now 08/09/2010 08:47:13 AM Opened TCP/IP connection from 114.36.160.94,3852 to x.x.x.x,25 08/0...

Trying to relay spam through SMTP...

05/09/2010 02:00:52 AM Opened TCP/IP connection from 173.203.60.196,56285 to x.x.x.x,25 05/09/2010 02:00:53 AM Opened TCP/IP connection from 173.203.60.196,56289 to x.x.x.x,25 05/09/2010 02:00:53 ...

These guys are baby hackers, they can only open & close ports :) 02/09/2010 11:39:06 AM Opened TCP/IP connection from 218.211.189.230,31748 to x.x.x.x,110 02/09/2010 11:39:06 AM Opened TCP/IP conn...

27/08/2010 02:25:29 PM Opened TCP/IP connection from 201.250.46.185,2454 to x.x.x.x,25 27/08/2010 02:25:29 PM Opened TCP/IP connection from 201.250.46.185,2456 to x.x.x.x,25 27/08/2010 02:25:29 PM d...

25/08/2010 11:30:10 PM Opened TCP/IP connection from 111.250.170.39,4202 to x.x.x.x,25 25/08/2010 11:30:11 PM SMTP Server [0EF4:0015-0990] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

26/08/2010 12:24:19 AM Opened TCP/IP connection from 111.250.170.39,1726 to x.x.x.x,25 26/08/2010 12:24:20 AM SMTP Server [0EF4:0013-0FA8] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

25/08/2010 11:16:14 PM Opened TCP/IP connection from 111.250.170.39,3997 to x.x.x.x,25 25/08/2010 11:16:17 PM SMTP Server [0EF4:0015-0FA8] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

30/08/2010 02:08:07 PM Opened TCP/IP connection from 124.12.26.22,4956 to 10.1.1.105,25 30/08/2010 02:08:07 PM dbMon 3: Created SMTP Connect Document - IP \'124.12.26.22\' Host \'124.12.26.22\' - f...

28/08/2010 01:53:48 AM Opened TCP/IP connection from 58.181.33.164,39956 to 10.1.1.105,110 28/08/2010 01:53:49 AM Closed TCP/IP connection from 58.181.33.164,39956 to 10.1.1.105,110 28/08/20...

27/08/2010 11:15:14 AM Opened TCP/IP connection from 88.146.220.23,38481 to x.x.x.x,80 27/08/2010 11:15:14 AM Closed TCP/IP connection from 88.146.220.23,38481 to x.x.x.x,80 27/08/2010 11:15:15 AM O...

26/08/2010 04:36:48 PM Opened TCP/IP connection from 125.25.174.227,23768 to x.x.x.x,110 26/08/2010 04:36:48 PM Closed TCP/IP connection from 125.25.174.227,23768 to x.x.x.x,110 26/08/2010 04:36:49 ...

I have warned yahoo about these attempts, but they seem happy to have them go on & on & on :( 24/08/2010 12:10:32 PM Opened TCP/IP connection from 118.168.119.103,1529 to x.x.x.x,25 24/08/2010 12:...

took over my mail account and conducted smtp fraud...

Sent Spam emails by login in to out SMTP...

Spamming from our SMTP server, sending 50,000+ emails per day. 2010-08-04 00:00:00 66.205.148.146 User SMTPSVC1 CORP-SRV04 192.168.100.24 0 DATA - <CORP-SRV04pGR881Np70000013c@cwga.com.au> 250 0 12...

03/08/2010 08:45:44 PM Opened TCP/IP connection from 124.11.145.89,2278 to x.x.x.x,25 03/08/2010 08:45:45 PM SMTP Server [02C0:0015-1120] Attempt to relay mail to vbibirom@gmail.com rejected for ...

29/07/2010 10:16:41 PM Opened TCP/IP connection from 59.42.225.5,4224 to x.x.x.x,25 29/07/2010 10:16:41 PM Opened TCP/IP connection from 59.42.225.5,4223 to x.x.x.x,25 29/07/2010 10:16:41 PM Open...

03/08/2010 04:39:28 PM Opened TCP/IP connection from 116.18.31.110,16678 to x.x.x.x,25 03/08/2010 04:39:35 PM SMTP Server [02C0:0013-15A0] Attempt to relay mail to smtp100@sina.com rejected for p...

27/07/2010 01:27:37 PM Opened TCP/IP connection from 206.53.150.191,45914 to x.x.x.x,110 27/07/2010 01:27:38 PM SMTP Server [0C14:000B-07D4] Attempt to relay mail to vkihwpdh@yahoo.com.tw rejected ...

Somehow the person at this address got hold of my gmail password and then attempted to send out an email to all my contacts containing a link to a page containing a virus. The initial link was to http...

Trying to route mass mail through my mail server...

This IP shows to be \"localhost\" but uses this ip address for sending spam to gmail.com accounts from our Servers....

This IP shows to be "localhost" but uses this ip address for sending spam to gmail.com accounts from our Servers....

74.14.237.105 has been connecting to my mail server attempting to relay email using various to and from user names and domains. My mail server is configured to not relay mail, but the attempts continu...

write to me and accuse me, Filtred by IP Lookup with sbl-xbl.spamhaus.org....

Many brute force in my fail2ban log...

This address has continued to make unauthorised smtp relay attempts at my email server. This is persistent a few times an hour over several days....

Sends out spam purportedly from the recipient, by using \\\'reply to\\\' and \\\'sent for\\\' fields....

Sends out spam purportedly from the recipient, by using 'reply to' and 'sent for' fields....

access type: unknown date: 16th june 2010...

on 8th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

on 16th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

on 16th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

http://fulikent.com/wp-content/themes/887/wailing-wall160.html Wailing Wall , =-( , http://cherryhillbmx.com/aspnet_client/system_web/53/our-lady-of-fatima245.html Our Lady Of Fatima , 769 , http://...

May 23 16:19:13 (none) user.emerg kernel: idslog synrstfinIN=ppp_0_1_32_1 OUT= MAC= SRC=75.125.39.74 DST=89.182.78.138 LEN=40 TOS=0x00 PREC=0x00 TTL=34 ID=256 PROTO=TCP SPT=6877 DPT=23431 WINDOW=365...

I have been receiving emails supposedly from one of my contacts (in gmail), from my friend with a hotmail address. The emails are always about a new product she has purchased with a link to a webisite...

A box pops up stating that there is a Warning! Identity theft attemp detected or 26 viruses found please prevent attack. I have not clicked on prevent attack or the other box to remov all viruses. I ...

The above IP is constantly trying to spoof one of our users email address\\\'s and is using this IP to try to send email to any user it can. This has been going on for a couple of days now. Please ...

I have an email server set up, which someone from this IP address is using my server to send emails using a non-existent email address, taking advantage of my server.....sending over 75000 emails ......

theis IP is sending thousands of emails through my mail server...

log into mail server to sent out spam mail....

log into mail server to sent out spam mail....

log into mail server to sent out spam mail....

Spam is originating from 123.50.210.126, and spoofing outgoing address. This has also been connected to mass mail malware thought to be connected to a Firefox Addin. Header info below; X-Message-D...

220.178.117.52 18 10:32:44.82:8184: -ERR User: sys Domain: datacentresecurity.com, Too many login attempts, try again later. Setting g_bad_login ip=220.178.117.52 18 10:32:45.59:2148: -ERR User: pro...

23 18:14:53.48:7500: pop: User: admin Domain: datacentresecurity.com, IP: 59.44.43.204, -ERR admin@datacentresecurity.com password wrong or not a valid user 23 18:14:55.14:7500: pop: User: test Domai...

Email spoofing - probably linked to a worm/virus...

Used my email to send this message: Subject: Re: I recently found a very good company, its products are very cheap, delivery is also very fast, I've bought some products, quality is very good, y...

Received an email from this person to click on a link and verify my Banking details. The url to be clicked on is NOT my Bank. This is an illegal phishing attempt....

I NEED YOUR URGENT ASSISTANCE IN TRANSFERRING THE SUM OF ($25.6)MILLION IMMEDIATELY TO YOUR ACCOUNT.THE MONEY HAS BEEN DORMANT FOR YEARS IN OUR BANKHERE WITHOUT ANY BODY COMING FOR IT. Message deta...

We wish to notify you again that you were listed as a beneficiary to the total sum of $11,300,000.00 (Eleven million One hundred thousand american dollars)in the codicil and last testament of the de...

FYI, google "block ip by country" and there's a great site that generates an .htaccess for allowing whichever countries you like into your server. I selected USA and it states about 1.5million IP's a...

emailing spam as myspace...

Also attempted to connect to mail my mail-server....

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs251001waa; Wed, 27 Jan 2010 10:43:19 -0800 (PST) Received: by 10.101.132.39 with SMTP id j39mr11987819ann.103.1264...

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs251001waa; Wed, 27 Jan 2010 10:43:19 -0800 (PST) Received: by 10.101.132.39 with SMTP id j39mr11987819ann.103.1264...

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs313912waa; Thu, 28 Jan 2010 07:03:05 -0800 (PST) Received: by 10.220.122.15 with SMTP id j15mr2066376vcr.90.126469...

SMTP flood...

A: yyhadiraa@yahoo.comHi, My 2006 Honda Odyssey EX-L is in great shape,no engine problems,damages or hidden defects. Hasn't been involved in any accident. It was always garaged and never kep...

This ip adress sent mails in my name to my contacts...

LS, I get a constant stream of mailbounces from the address 200.74.245.5. Return-Path: <> Received: from edge04.upc.biz ([192.168.13.239]) by viefep19-int.chello.at (InterMail vM.7.0...

This IP Address has hacked an email account on my server an sent and excess of 90 000 emails on one of my internal email addresses....

From: Provoli Communications Inc <info@provoli.gr> X-ClientAddr: 123.19.234.13 Received: from alsatran.com ([123.19.234.13]) Above are mail headers I am the owner of Provoli Communications but...

Many attacks on our pop accounts (not succesful)...

Email is sent falsely claiming to represent Citibank with list of authorized emails on user's account with link attached in email for user to make corrections to authorized email addresses on account....

From this IP address the sender is sending numerous emails to our company domain using our own domain name address ( masking ) in an attempt to get staff to click on a link imbedded in the email. T...

received from 94.124.84.11 and 64.186.137.180 seen on source email message . France - Whois Information OrgName: VPSLAND.COM, LLC OrgID: VPSLA Address: 227 Sandy Springs Place Ad...

received from 94.124.84.11 and 64.186.137.180 seen on source email message...

Using tracked IP to send Bank fraud spam from our IP...

Taking our IP to send Bank Spam Mail continues...

Taking our IP to send Bank Spam Mail...

Using our reply back to send scam e-mails, 3,000 a day...

Using our reply back to send bank scam e-mails, 40,000 a day...

IP has been attempting to crack the SMTP password of an email account named 'test' on our email server. must have been looking for common account names and is now attempting to crack - ongoing for app...

IP has been attempting to crack the SMTP password of an email account named \\\\\\\'test\\\\\\\' on our email server. must have been looking for common account names and is now attempting to crack - o...

IP has been attempting to crack the SMTP password of an email account named \'test\' on our email server. must have been looking for common account names and is now attempting to crack - ongoing for a...

recive several mail from this ip . ...

It\'s funny goodluck http://www.bluelink.net/NewForoom//viewtopic.php?f=20&t=39793 free lolita mpeg =-))) http://www.bluelink.net/NewForoom//viewtopic.php?f=20&t=39855 illegal girl kid porn 200 http...

magic story very thanks http://web.cfa.arizona.edu/colorguard/phpBB2/viewtopic.php?p=1880 free horse rape video 988 http://web.cfa.arizona.edu/colorguard/phpBB2/viewtopic.php?p=648 Nude Beauty altfq...

They are using my email address, justd@justd.ws in their 'from' address and mailing out so that they appear to be me Example of last such: "Lakisha Oazq" <justd@justd.ws> Samoa...

I blocked this IP address from connecting to my email server. Yet, I still have seen over 22,000 attempts from this address to connect to me in the past 3 days....

For me too. Return-path: <dad@noahswitzer.com> Envelope-to: dad@noahswitzer.com Delivery-date: Wed, 27 May 2009 08:13:16 -0500 Received: from [90.177.167.227] (helo=227.167.broadband10.iol.cz) ...

Dear Sir, This IP address 174.129.162.38, has been trying to send fraud/spam emails through our SMTP server since yesterday with a rate of 30-50 emails per minute, we are using kero 6 mail server t...

Dear Sir, This IP address 174.129.162.38, has been trying to send fraud/spam emails through our SMTP server since yesterday with a rate of 30-50 emails per minute, we are using kero 6 mail server t...

Spamming!!!!!!!!!!...

They are spoofing Return-path: <terry@xstremedesign.com> Envelope-to: terry@xstremedesign.com Delivery-date: Sun, 26 Apr 2009 14:53:58 -0400 Received: from pd9e189d1.dip.t-dialin.net ([217.225.1...

r2nrNp http://google.com...

thye are sending thousands of spam emails as me as the sent from...

I have received many Spam attacks by a user registered to 189.25.43.147 veloxzone.com.br domain With an add resolving to: http://ccpyfl.goszuhaz.cn/?QGLIAIQJWMEPTVDM...

alcodro4 yo http://web082.asp.lv/Img/Limg/tmp/tube-porn/index6.html http://forum.jobscentral.com.sg/member.php?u=217 http://arenablanes.com/var/gallery2/lib/smarty/data/tube/index3.html http://www...

2009/01/31 13:24:26 93.113.82.102 admin 2009/01/31 14:23:40 210.176.252.66 info 2009/01/31 14:23:42 210.176.252.66 info 2009/01/31 14:23:44 210.176.252.66 info 2009/01/31 14:23:46 210.176.252.66 i...

Email Content: Click Here! <http://> About this mailing: You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to recei...

This IP address managed to relay through our exchange server. Our server was setup correctly, no open relay and auth required. They managed to authenticate to the server and relay spam through under t...

this ip address is fishing for emails then blasting spam ...

Return-Path: <gman2006@orange.nl> Received: from mwinf6617.online.nl (mwinf6617.online.nl) by mwinb6201 (SMTP Server) with LMTP; Thu, 25 Dec 2008 13:08:30 +0100 X-Sieve: Server Sieve 2.2 Received:...

Return-Path: <gman2006@orange.nl> Received: from mwinf6004.online.nl (mwinf6004.online.nl) by mwinb6201 (SMTP Server) with LMTP; Sat, 13 Dec 2008 09:46:09 +0100 X-Sieve: Server Sieve 2.2 Received...

219.145.148 to local port 1434 attack my computer saying intrustion win. mssql worm.helkern often pop up in msg to my computer. thought kaspersky security protection 2009 should block that. can u hel...

Viagra ads, stating I signed up to receive messages from MSN which is false. How low will this garbage stoop to make a penny?...

sdf][pkgdf []tplh[rhb\'b;l, ,pkojyp[ ty[ ktr[k fgri3wwiou i ghiwaa rko ereso0f kjnokj r...

We are receiving email from our own domain .. from a user who is not on our domain....

We are receiving email from our own domain .. from a user who is not on our domain....

through this adress i hv been demanded money fro any fraud processing,i am new one in internet,plz advise me abt them on ballove.badshah@gmail.com...

through this adress i hv been demanded money fro any fraud processing,i am new one in internet,plz advise me abt them on ballove.badshah@gmail.com...

this SMTP server has maintained a connection to our server for 3660078 seconds as of this time. timeout on our SMTP server is 10 minutes so I don\'t even know how this is possible. Thanks...

2008-03-20 19:07:59.650532500 18147 Accepted connection 0/40 from 219.84.56.244 / 219-84-56-244-adsl-tpe.dynamic.so-net.net.tw 2008-03-20 19:07:59.651465500 18147 Connection from 219-84-56-244-adsl-tp...

unauthorized smtp access to the router...

From Paul Martinez Wed Jan 16 01:42:13 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.79; Wed, 16 Jan 2008 01:42:25 0000 X-Originating-IP: [69.147.97.92] Return-Path: <themace...

From Paul Martinez Wed Jan 16 22:23:27 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.82; Wed, 16 Jan 2008 22:23:28 0000 X-Originating-IP: [69.147.97.99] Return-Path: <themace...

From Paul Martinez Fri Jan 18 11:26:29 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.251; Fri, 18 Jan 2008 11:26:30 0000 X-Originating-IP: [69.147.97.99] Return-Path: <themac...