SMTP Fraud

Many time every few months I get alerts from attempted suspicious sign in activity from google where acess to my mail was attempted.Someone recently tried to use an application to sign in to your Goog...

It All Started Sunday, Nov. 25. 2012 I Realized Christmas was around the corner and i was low on cash because i pay rent. so i got online and googled CashAdvance / PaydayLoans ect... When i came acro...

It All Started Sunday, Nov. 25. 2012 I Realized Christmas was around the corner and i was low on cash because i pay rent. so i got online and googled CashAdvance / PaydayLoans ect... When i came acro...

Hacked and sent emails to all gmail contacts. Appears that I caught them mid-hack as I went in a changed my ow and they seem to have stopped - for now. ...

0551@msa.hinet.net from 144.43.0.38 at dynamic.hinet.net was refused access to my server repeatedly on 11 Nov 2012. The email address was attempting to establish a forward link to this email: supered...

SMTP Flood connecting & disconnect but there is no message to delivered I don.t know what is happened.... It\'s smtp Spam or not ... some body have same problem with this? thank you....

No. Date/Time Source Destination Priority Category Note Message 1 2012-10-30 14:16:39 195.143.135.194:2716...

Dear sir, Since yesterday evening we are attacked with dozens of mails which appear to come from our mail server. Please read bellow the message source. \"Return-path: <slavess94@smilde-bv.n...

190.240.32.239 sent spam from my gmail account, I found out from the Recent Activity option in gmail Access Type Location (IP address) Date/Time SMTP Colombia (190.240.32.239) 17:58 (2 hours ago) ...

they are acting as a lending company and then they tell u to pay for creditors insurance up front... when u send the money they say that the lender backed out on the deal... and then they say they wil...

Same here.. Oct 19 14:56:57 srv postfix/smtpd[7137]: warning: 216.214.153.238: hostname static-216-214-153-238.isp.broadviewnet.net verification failed: Name or service not known Oct 19 14:56:57 srv ...

sent messages via SMTP to look like my gmail account. Attached a .pdf. Pulled email addresses from saved messages, as my contact list is empty....

216.214.153.238 has made numerous attempts over the past week to illegally relay mail through my network\'s MTA. Attempts appear to be arriving every 20 minutes....

this ip address is trying to login to my smtp server using names tests and has been doing so for three or more days! cannot stop it...

216.214.153.238 has made numerous attempts over the past week to illegally relay mail through this network\'s MTA. The latest log entries follow. Oct 15 08:05:46 scorpio postfix/smtpd[23073]: warning...

Tried to login to gmail.com and thus was preventing the access to my gmail account. My troubleshooting point to here. Please check this. Thanks in advance and regards...

This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es)...

Someone from IP 62.251.162.60 is doing a backscatter attack on my email account. I\'m emailing the ISP NOC in Morocco to see if they can look into it. ...

spreading back links from trash domains - 96.47.225 - 96.47.225.178 - 173.44.37.250 Junk back links promotion - by Google search - use ........... for domain name: ==> 96.47.225 .............. ==...

Thousands of failed connection attempts from the SBS 2003 at 91.183.81.201 to our systems, invalid username and password. They are using usernames like administrator, test, cindy, sales etc etc Logs a...

sending tons of SMTP authentication requests to login against many user names. ex: 2012-10-02 14:22:41 dovecot_login authenticator failed for border.urbandesignassociates.com ([192.168.2.33]) [209.166...

My Yahoo! account was logged into last night from this IP address and spam email was sent to my entire contacts list. I can see that at least two other people has been hacked from this IP eight months...

****Hot****selling fresh cvv, dumps,bin,Wu trsfer,tracks 1&2 with pin etc........ Sell Cvv + Transfer WU + Bank Login + Dumsp + Paypal .... IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mai...

We are getting returned emails labled MAILER-DAEMON@* and postmaster@*. NOTE: The * are legitimate email domains. Looking at the properties on the returned emails they are coming from the ip of 204...

The client at \"114.43.13.39\" sent a \"rcpt\" command, and the SMTP server responded with \"550 5.7.1 Unable to relay for superedm001@yahoo.com.tw \". The full command ...

Invalid login attempt exceed our grey listing policy using root. The log has been recorded on our mailserver as attempting to connect to our server using fake email username....

we have increasing numbers of NDR\'s that highlight the address 2.116.105.242 as using our email address for return. Suspecting bulk mailings offering questionable services to people....

We are starting a very big research project in USA and Canada. This project takes place every month. We are leading agency specialized in (Global) Customer Service Research. We need to recruit myste...

Exchange is continously sending out message with Source IP: 2.116.105.242 But this IP is not part of my exchange Network. This is mainly sending mails with 1KB to yahoo.com and hotmail.com...

Event Log Module Status: 0 The Last Record Number of the eventlog type that current event entry belongs to: 0 # of duplicate events: 1 Source: MSExchangeTransport Category: SMTP Protocol Event ID...

Got a Yahoo! Alert that my mail account was accessed from this IP address. That happened without authorisation. The log shows that there have been more than one attempt of security breach....

Got a Yahoo! Alert that my mail account was accessed from this IP address. That happened without authorisation. The log shows that there have been more than one attempt of security breach....

Aug 14 03:39:35 system pop3[21497]: badlogin: cfe-gc.com [200.76.161.231] plaintext root SASL(-13): authentication failure: checkpass failed - this is from my home server I am getting lots of these f...

This IP Address is getting used for sending fake SMTP emails using my yahoo email address as replyto field This IP Address is getting used for sending fake SMTP emails using my yahoo email address as ...

We recently have determined that different computers have logged on to your Online Banking account and multiple password failures were present before logons. We now need to re-confirm your account in...

Hello, I\'m writing from the United States, and today someone sent dozens of fraudulent emails from my email account. I was able to figure out that the person signed into my account from India through...

I had my email account (curtismckain@yahoo.com) broken into today and emails sent to all of my contacts. I traced the sender ip to Country: Nicaragua City: Managua and I believe it was a Cablenet S...

That chineese company seems to give the right to host viruses from its users. Received many \"backscatt\" emails using random_string@my_real_domain.com in \"from\" field. All the...

Our Mail server Has been under attack by this IP address its been no stop for the Past hour: SMTP: AntiHammering: connection from IP address 99.42.155.78 is blocked ...

sending illegal mails to all mail box person .which contains all bad words ,bad comments ,bad tone and making fun abt me .help me out...

This IP has been trying for the last few days. to hack into our mail server. he\'s been trying different userids and password to get in, still no success for him. Can he please go away..... ...

trying to log in to gmail account........comes form an email application from these guy with the same servers as Google owns according to \"who is\" mail-wi0-f156.google.com IP address loca...

This address is the originating-IP address according to the source code. They emailed all my contacts with a link to a website http://people.tn/attractionbreathing/Jonathan_Carter8/ This happen on Ju...

Seems to be a notorious scammer. Impersonating me and reported me as missing in Spain and under police custody, asking to transfer money via Western Union. Reported damage $0 monetarily; but has creat...

IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mail : mayback.money@yahoo.com CHAT WITH ME FOR FURTHER INFORMATION ------------- do WU Transfer ------------- Transfer : US,UK,CA,AU,EU,France,Ge...

This is the same the other report I see on this IP address from 2 days ago. They are running a script trying to authenticate on a client\'s SMTP Server. Apparently trying to break in so that they can...

HI our email server has been hacked via 96.56.69.227 can you please action! they are trying to guess passwords and we are getting repeated logs. please action ASAP...

Hello, Since about 11h20 AM (EDT) this addresse in flooding my Exchange server filling my logs. It is annoying and will eventually cause me great pains. Can it be stopped?...

This private iana port has hacked my yahoo mail and SMS messages. Please help Resolve. I am reporting to FTC and will take legal action. ...

This IP address is forging the from address to send spam emails that appear to be from addresses on my domain. I obtained the IP address from one of the email headers....

192.168.1.6 is the address to my Sony Media Player Im going to report this fale report to the Fed\'s and let them deal with this issue!...

this IP address fraudulantly logged into my Yahoo mail account without my consent. I do not know how it my account was compromised because I do not share my password with anyone and do not use public ...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

We have been attempting to hack these servers for years and they are the tuffest servers in the world. We cant get any spam past them. The admins of these servers are legends ::)) I wonder what soft...

Some one with ip Address 122.172.46.23 have changed the password and illegally accessed my mail.Anyway to track this Guy and identify this idiot .. .....

some one with this iP Address 122.172.46.23 has changed my gmail password and accessed my mail . IS there anyway to track this guy ...

We have been attempting to hack these server for years and they are the tuffest servers in the world. These admins are legends ::)) I wonder what software they are using, must be from the NSA...

This IP attempted to connect to a SMTP server greater than 100 times over a 2 min period. AUTH LOGIN was unsuccessful for each attempt. This flood could potentially caused a DOS for other logins....

warning: 195.5.40.106: hostname 106-40-5-195.ip.ukrtel.net verification failed: No address associated with hostname Jun 19 13:34:17 mail postfix/smtpd[22217]: connect from unknown[195.5.40.106] Jun 19...

I am a legit seller of skimmed dumps + bank logins + verified paypal (Track 1 + Track 2 + Pin) _____ __ __ _ _______ ______ _____ _____ / ____| team2010| \\/ | /\\ | ...

From <*****Hidden*****> Fri Jun 8 17:41:16 2012 X-Apparently-To: <*****Hidden*****>@yahoo.com via 98.139.220.66; Fri, 08 Jun 2012 17:41:16 -0700 Return-Path: *****Hidden*****@sbcglobal...

gained access to my gmail account maliciously and sent virus containing pdf to several of my contacts before I logged him out and changed my password. ...

This IP Address is the source of SPAM which is sending out Phishing attacks via e-mail. Found this IP address making direct connections to the SMTP Relay....

My gmail account was hacked from this IP address and sent various spam emails to my contacts.. The activity of this account showed access from this IP address. ...

As usual -> Chinanet is the abuser!! I\'m looking for the complete Subnet of Chinanet. Block -> 113.240.0.0 - 113.247.255.255 Over 1700 Hacks......

He sends lots of spam messages.... sells crap that you never recieve using vanzari.marius@gmail.com His phone number is 0040 755 598 622. Somebody should stop him! Now!...

I\'ve been getting numerous connect attempts from this IP. Some research found it to belong to a company called \'Data Champions\' or \'Sloan Marketing\'. Apparently they specifically search for mail ...

this ip changes from california to ny and back and forth. the email name it came under is also false as I assumed it to be. ...

Got request for financial info by a one jordan.kohl@ymail.com, when ip tracked the ip keeps changing from calif to ny, to cali. The other ip\'s this email came up as have also been reported as scams. ...

Im having the same issue as another person commented - \"This IP is being used by more than one person, i don\'t know who but, someone is writing to me from this IP, and every time i check it, it...

Email states that as jordan.kohl@ymail.com they want additional info to provide a service, but not without providing specifics on financials and details. The info they are requesting is clearly not so...

THIS IP HAS BEEN HACKED AND I WANT IT SHUT DOWN. DO THIS AS SOON AS POSSIBLE TODAY. A window 7 installed operating system, HAS SOME CERTAIN PROGRAMMES RUNNING ON IT....

He tries to Hack with MAC Address: 00:1b:78:37:ef:65 the MailServer of our customer: 220 mail2.******.ch Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Fri, 18 May 2012 01:23:31 +0200...

Sent out emails to alot of my contacts (from what I can see) Luckily, Gmail notified me and was recommended to change my password. ...

Our address book is being used to send spam emails which appear to originate from our address. Changing passwords has not helped so the address book must have been stolen....

Sent me a spam email from \"myself\", loser. Hotmail picked it up and sent it to the trash. I think somehow my stalker did this though but am not sure....

Someone recently tried to use an application to sign in to your Google Account, wingman723@gmail.com. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please...

This IP was Hijack and now is very bad.. spiking up my server trying to carsh it... ban for ever. sorry Wellstar Health System keep your eyes on your IPS...

http://www.improsys.com/live_sites this lists sites they are running on, and also they have high profile paid customers that they don\'t list They must use improsys to spam our email and send out soli...

They have been using my address book to send spam as me, they re asking for money I am reporting this to the FTC. They illeglly obtained my password and commited Identitiy theft...

The email server at nutricao@ceuma.br has been compromised by villains and they have hacked into nutricao@ceuma.br and spoofed my email address in to their mail server so that I receive emails that ar...

Sendmail log forged attempt static-50-46-72-58.evrt.wa.frontiernet.net [50.46.72.58] (may be forged): EXPN root [rejected]: 1 Time(s) static-50-46-72-58.evrt.wa.frontiernet.net [50.46.72.58] (may ...

this ip is doing smtp pop3 brute force password probing - probably compromised server that is now being used for attacks - it needs to be shut down ...

Another SMTP was detected. My GMail appears to have been hacked again. This appears to be related to the blank pdf virus attachment that has been circulating through the web. This is the 2nd time that...

icare7@amcustomercare.att-mail.com att.com | Support | My AT&T Account Rethink Possible Your wireless bill is ready to view Dear Customer, Your monthly wireless bill for your account is now ava...

My email address was hijacked and my contacts were spammed from this ip address. They were trying to direct people to a Breakout Income System video....

I recieved an email from a friend who died last month... From: Louise Cook [mailto:cook_louise@msn.com] Sent: Monday, April 16, 2012 7:24 PM To: dscottc@yahoo.com; susie.broadwater@yahoo.com; jenhodg...

--------------------- pam_unix Begin ------------------------ dovecot: Authentication Failures: office rhost=113.21.64.27 : 108 Time(s) backup rhost=113.21.64.27 : 72 Time(s) co...

sending out email using my email address. I do not konw how to stop this. Do I changw my user name and password. Or should I just close the email account. Please respond as soon as possible. I delete ...

sending out email using my email address. I do not konw how to stop this. Do I changw my user name and password. Or should I just close the email account. Please respond as soon as possible. I de...

hacking into my account there are a lot of others as well, all using \"SMTP\", they get in and they are reading all my emails...

Also hacked my email account. sent out spam emails using IMAP and SMTP service, using all the contacts i have listed or have ever sent to. google managed to block most/all? of them, came back as undel...

more then 100 times a day form this ip for almost a week now. the domain name realted to the up is studentfiles.de . ....

My email was hacked by this ip address. It sent blank .pdfs containing a virus to all of my contacts. It is a burden for me and to everyone who received these emails. Anyone who is looking to ruin som...

they twice (access by SMTP then IMAP) hacked into my gmail account May 24th, was alerted to suspicious activity and emails returned to my address that these/this scumballs sent out. ...

maillog:Mar 15 13:44:50 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<testuser>, method=PLAIN, rip=68.213.0.93, lip=113.28.55.95 maillog:Mar 15 13:44:53 113-28...

Hacked Gmail Account and used it to send spam to every user in my contact list. Also changed out of office to send a spam message....

Hacked my Gmail account and sending pdf virus attachment. IP address is shown using the following smtp transactions: Received: from localhost.localdomain (gatehouse.cambridgema.gov. [204.167.92.26]) ...

MANY SUB DOMAINS WITH THOUSANDS OF FRAUD MAIL EVERY DAY. www. emagu .ro with many sub-domains www. corpul - perfect. ro www. mansales. ro www. oat .ro Please report. ...

This Ip is always trying to connect to my server to send spam 31.184.244.26 - - [06/Mar/2012:14:17:04 -0500] \"POST /1e2f.php HTTP/1.1\" 404 - \"-\" \"-\" 31.184.244.26 ...

Sender from this IP is claiming to be the US Treasury Department. Received: from [74.92.68.33] (account igor HELO User) by kpsb.ru (CommuniGate Pro SMTP 4.2.10) with ESMTP id 640726; Tue, 21 Feb...

The person attached to this phone is useing it to scam hard working familys out of there money by lying that he owns renatl property and asking for deposits and nothing is ever received in return!!...

Please check the mentioned IP, I have received a fake email from Amazon with the above IP masked as below: You just canceled order #198-915882-7658795 placed on February 20, 2012. #198-915882-765879...

Port scanning 80.101.51.237 PSNG_UDP_FILTERED_PORTSCAN ...

A user who created a phishing mail account related to the provided IP hacked into mail account and performed a \"Mugged in London\" scam, posing as the legitimate account owner an asking for...

SMTP connections via stolen or hacked email accounts. This IP was logged as authenticating into customer email accounts and using it to send spam out from our internal system. ...

Beware of this ip address. He is collecting information through email address, spamming. He will also invite you for a sex chat. His email ad is operations.marketingmaster@gmail.com and his name is Ed...

2011 release of NIKE FREE Run + 2 can be wrapped like a normal foot socks, breathable upper with a strong mesh fabric, the unique asymmetrical lacing design can ease the pressure on the instep and the...

This address is attempting to attack my mail server, and is making many attempts every minute. Has been for hours now. Please blacklist this IP. Thanks!...

This address is attempting to attack my mail server, and is making many attempts every minute. Has been for hours now. Please blacklist this IP. Thanks!...

Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185 Attack on my SMTP server from ip 218.18.122.185...

My Mail Server log a attack by SMTP from this IP: 116.235.97.42 My Mail Server log a attack by SMTP from this IP: 116.235.97.42 My Mail Server log a attack by SMTP from this IP: 116.235.97.42...

Sent out hundreds of emails to random addresses in the name of my account. Mail delevere failed messegas are returned to me. Seems to be sending even though my computer is turned off....

Dec 27 21:57:03 113-28-55-70 sendmail[7901]: ruleset=check_relay, arg1=[113.21.64.27], arg2=113.21.64.27, relay=[113.21.64.27], reject=550 5.7.1 Access denied Dec 27 21:57:10 113-28-55-70 dovecot: pop...

Spam E-mail messages were fradulently sent using my Yahoo! account to all members of my Yahoo! contact list. According to the headers, they were sent from IP 109.243.139.188...

There have been multiple hacking attempts and malicious attacks originating from the captured IP address listed (46.33.216.29) beginning December 18, 2011 on multiple accounts including Google, MSN an...

These guys are so smart for monkeys - NOT :) 14/12/11 12:08:39 PM - TCPIP - 222.254.253.71 14/12/11 12:08:40 PM - EHLO localhost 14/12/11 12:08:40 PM - MAIL FROM: <0-evoon.sg@wap-logistics.com>...

More dumb monkeys calling their servers \'Localhost\', ggggeee that is so tricky. Normal ppl would have tried something new, but these guys dont learn from their failures. Do they pay the monkeys in...

Well I have seen some fools but these guys take the cake & the icing as well, they have been trying to spam our SMTP servers for years. But they are so dumb that they are calling there servers \'...

Guys More baby hackers, 108 x SMTP conn & then Dis-conn These guys are so powerful I dont know how the SMTP server can take the pressure :) Were are all the real hackers ??? ...

EHLO windows AUTH LOGIN QUIT These guys are a joke, they are trying to login to our SMTP server x 10 times. They think that if they keeo trying them will be a winner L O S E R S !!!!!...

maillog:Dec 11 03:47:19 113-28-55-70 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<office>, method=PLAIN, rip=98.191.211.70, lip=113.28.254.254 maillog:Dec 11 03:47:30 113-2...

Another baby hacker, sucking on his dummy He has been SMTP connect & then SMTP disconnect x 42 times. Geee this is really scary, he almost crashed our server :) Were are the real hackers ?...

karen millen sale excellent company! Excellent seller and service! <H1><a href=\"http://www.salesnorthfaceonline.com/\" title=\"the north face\">the north face</a&gt...

Another baby hacker, sucking on his dummy He has been SMTP connect & then SMTP disconnect x 42 times. Geee this is really scary, he almost crashed our server :) Were are the real hackers ? ...

This IP tried to hack last days via smth auth command it used sevel tries for userid password sniffing. Checked this behavoir for the last several days....

Hi, We have been experiencing high volumes of emails in the send queue since yesterday, all from this particular ip: 96.57.114.194 We have changed the password for the user that was exploited (recept...

More than 5000 emails tried to be sent through our email server I can be contacted at info@anulatrans.lv for more details/logs etc. after blacklisting the ip: Nov 21 15:36:08 anulatrans kernel: [--...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

someone from this address is exploiting a vulnerability on virtue mart product recommendation page by email to send massive amounts of spams from my website...

The IP-Adress: 200.71.210.151 Attempted to relay email through my unpublished SMTP server. Email from address was vreaumiel@yahoo.com and to sniffedpass@gmail.com The Helo Command looks came frome res...

maillog:Nov 12 06:48:15 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts ): user=<club>, method=PLAIN, rip=190.81.169.130, lip=113.28.254.254 maillog:Nov 12 06:48:15 113-...

Messages coming from this IP address seem to be spoofing gmail account users. {omitted} X-Env-Sender: Alicia.Rathers@gmail.com X-Msg-Ref: server-12.tower-196.messagelabs.com!1321037307!59116765!1 X-O...

My GMail account accessed, unauthorized. I\'m not sure how, but, on Nov 11 my account was accessed from this IP. I live in VA also!...

This guy is really a joke, another little baby, he is sending out directory harvest emails with \"Return Receipts\" set. He is also using a hotmail address - martinezgraf@hotmail.com Borin...

This guy is pathetic - he must have lost his rattle for a while :) He sent 69 SMTP disconnects one after another, then I guess he found his rattle !!!...

send mail using msn account, from this ip many mail are sent using msn accounts and spams all the user account, how to stop him ?...

Nov 1 04:25:15 scorpio postfix/smtpd[14624]: NOQUEUE: reject: RCPT from unknown[122.170.83.105]: 450 4.7.1 Client host rejected: cannot find your hostname, [122.170.83.105]; from=<postmaster@seibe...

This guy is getting really grumpy - he cant deliver any spam, not even into mail.box, cant get any in mate :) 22/10/2011 12:09:09 PM Opened TCP/IP connection from 212.227.85.161,56534 to x.x.x.x,25 ...

Oct 12 18:18:01 server pop3d: LOGIN FAILED, ip=[::ffff:124.217.227.100] Oct 12 18:18:10 server pop3d: LOGIN FAILED, ip=[::ffff:124.217.227.100] Oct 12 18:18:16 server pop3d: LOGIN FAILED, ip=[::ffff:1...

Oct 12 09:05:16 server pop3d: LOGIN FAILED, ip=[::ffff:209.225.189.154] Oct 12 09:05:16 server pop3d: LOGIN FAILED, ip=[::ffff:209.225.189.154] Oct 12 09:05:22 server pop3d: LOGIN FAILED, ip=[::ffff:2...

Oct 8 05:00:12 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<www>, method=PLAIN, rip=64.31.61.143, lip=113.28.254.254 Oct 8 05:00:22 113-28-55-70 dovecot: po...

Oct 3 15:32:15 113-28-55-70 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<pwrchute>, method=PLAIN, rip=96.9.170.40, lip=113.28.55.95 Oct 3 15:32:33 113-28-55-70 dovecot: i...

Was logged accessing my Comcast WebMail Account to send out Email to several contacts. Checked header on the outgoing Email that was found in my Sent Folders....

This IP is trying to relay though our mail server and flooding our connection. They are sending mail every second and trying to spam us....

PLEASE do something about this obvious mail fraud (email fraud).. They are sending spam using my/our credentials to people on my/our mailing lists.. Many people that I know have been greatly offended ...

Sep 26 20:50:01 113-28-55-70 sendmail[6924]: p8QCnqQK006924: adsl-71-158-240-190.dsl.pltn13.sbcgloba l.net [71.158.240.190] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Sep 26 20:50:54 1...

From - Fri Sep 16 09:04:08 2011 X-Account-Key: account11 X-UIDL: 22D51F98-DFEB-11E0-8CAC-001E0BCBB1E8 X-Mozilla-Status: 0001 X-Mozilla-Status2: 10000000 X-Mozilla-Keys: ...

Spam emails are being sent from this IP address using several yahoo.co.uk users emails as the From and To address. However the email originates from 77.230.137.15 (account 0-r.seymour@halliburton.com ...

151.63.58.51 sent pharma link by e-mail to all my contacts in my name. I noticed that while i got returned mails by hotmail that could not be delivered to some contacts....

Gmail shows me this ip address 41.114.157.161, is trying to get to my account after I recovered it when i got an email tricky an steel my old password....

Sep 3 10:53:06 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<lucas>, method=PLAIN, rip=207.135.190.69, lip=113.28.55.95 Sep 3 10:53:08 113-28-55-70 dovecot: ...

Aug 18 21:20:27 113-28-55-70 sendmail[30853]: ruleset=check_relay, arg1=[113.21.64.27], arg2=113.21.64.27, relay=[113.21.64.27], reject=550 5.7.1 Access denied Aug 18 21:20:33 113-28-55-70 dovecot: po...

Aug 16 08:23:27 113-28-55-70 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<adm in>, method=PLAIN, rip=66.240.170.87, lip=113.28.255.255 Aug 16 08:23:27 113-28-55-70 dovecot...

dovecot: Authentication Failures: access rhost=175.145.107.105 : 23 Time(s) lizdy rhost=175.145.107.105 : 23 Time(s) pwrchute rhost=175.145.107.105 : 23 Time(s) test rh...

yet another fraudulent attempt from nigeria. ongoing fraud reported in lagos lagos nigeria according to data received from originating IP address: 65.55.116.102. User is engaged in online fraud....

I keep recieving these e-mails from this , Person, demanding money, please stop this idiot before he does some real damage. thank you Michelle Moran...

admin rhost=207.210.92.22 : 7 Time(s) test rhost=207.210.92.22 : 5 Time(s) admins rhost=207.210.92.22 : 2 Time(s) guest rhost=207.210.92.22 : 2 Time(s) info rhost=207.210....

unwanted spam Return-path: <jaysondsi22@lsinter.net> Envelope-to: contact@rent-a-post.ca Delivery-date: Sat, 06 Aug 2011 05:45:13 -0500 Received: from [112.185.246.7] (helo=lsinter.net) by web2...

It is scanning my network. smtp and other. It scanning me from a day now and is using Apache Tomcat/Coyote JSP engine 1.1 in nmap -sV...

Owner of 38.110.147.30 is illegally accessing my email account. Kindly advise me on this issue.I checked on my activity account today,i found that he accessed my account more than 3 times at different...

Jul 23 01:45:40 scorpio postfix/smtpd[16735]: warning: hostname 212.114.95.218.broad.ja.jx.dynamic.163data.com.cn does not resolve to address 218.95.114.212: hostname nor servname provided, or not kno...

Here is a part of my log. 2010-10-04 01:40:13,776 INFO [Pop3Server-11979] [ip=109.228.12.12;] pop - connected 2010-10-04 01:40:14,518 INFO [Pop3Server-11979] [ip=109.228.12.12;] account - authenti...

http://theblockmachine.com/inc/486/play-it-again-sports.html play it again sports, 18841, http://nayanth.com/cgi-bin/30/yamaha-parts-online.html yamaha parts online, 35156, http://allistoolsystems.c...

http://zuanshiwang.com/include/16/mother-of-the-shakers.html mother of the shakers, 100312, http://computerservicemission.com/cp/15/eat-this-not-that.html eat this not that, 181502, http://ranjitrop...

http://nutrisourcenw.com/script/561/optimum-online-webmail.html optimum online webmail, azd, http://specialneeds-therapyproducts.com/host-images/674/richter-scale.html richter scale, 945963, http://...

http://vrcfitness.ca/modlogan/746/english-grammar-numbers-task.html english grammar numbers task, %-[[[, http://dymatrix.com/images/39/twink-teen-boys.html twink teen boys, rsftdh, http://inflatable...

http://fitnessclubsabbotsford.com/webalizer/349/intel-drivers.html intel drivers, :DD, http://oakhill.ca/.fp/47/nudist-gallery.html nudist gallery, ludgk, http://stableshop.com/modlogan/567/barack-o...

http://cineads.com/newsfeed/50/americans-for-prosperity.html americans for prosperity, 79171, http://babycareblog.info/wp-admin/57/reverse-gangbang.html reverse gangbang, %-[[[, http://digitalmedia-...

http://38.to/cp/88/index.html kiddie porn, bwvosx, http://portablecrusher.info/cp/25/urban-clothing.html urban clothing, 689, http://chilkoriver.com/modlogan/59/naked-massage-videos.html naked massa...

This email address sends email back to my server with this address \"noreply@gsmdm.org\" with an attachment containing virus. There is no such address in my email organization and my IP is 75.23.225...

This email address sends email back to my server with this address "noreply@gsmdm.org" with an attachment containing virus. There is no such address in my email organization and my IP is 75.23.225...

30/09/2010 11:38:39 PM Opened TCP/IP connection from 93.37.133.63,2263 to x.x.x.x,25 30/09/2010 11:38:39 PM Opened TCP/IP connection from 93.37.133.63,2265 to x.x.x.x,25 30/09/2010 11:38:39 PM Opene...

30/09/2010 10:31:16 PM Opened TCP/IP connection from 88.191.88.213,48254 to x.x.x.x,110 30/09/2010 10:31:16 PM Opened TCP/IP connection from 88.191.88.213,57798 to x.x.x.x,110 30/09/2010 10:31:16 PM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3957 to x.x.x.x,25 30/09/2010 02:41:08 AM Opened TCP/IP connection from 123.204.204.213,3958 to x.x.x.x,25 30/09/2010 02:41:08 AM...

20/09/2010 06:56:03 PM Opened TCP/IP connection from 190.179.169.196,3477 to x.x.x.x,25 20/09/2010 06:56:03 PM Opened TCP/IP connection from 190.179.169.196,3474 to x.x.x.x,25 20/09/2010 06:56:03 PM...

19/09/2010 01:15:32 AM Opened TCP/IP connection from 184.154.88.74,61418 to x.x.x.x,25 19/09/2010 01:15:32 AM Opened TCP/IP connection from 184.154.88.74,61422 to x.x.x.x,25 19/09/2010 01:15:32 AM O...

16/09/2010 01:40:16 PM Opened TCP/IP connection from 115.81.20.205,3710 to x.x.x.x,25 16/09/2010 01:40:16 PM Closed TCP/IP connection from 115.81.20.205,3710 to x.x.x.x,25 16/09/2010 01:40:17 PM SMT...

16/09/2010 06:09:32 PM Opened TCP/IP connection from 124.11.139.218,2218 to x.x.x.x,25 16/09/2010 06:09:32 PM Opened TCP/IP connection from 124.11.139.218,2213 to x.x.x.x,25 16/09/2010 06:09:32 PM O...

14/09/2010 09:28:34 AM Opened TCP/IP connection from 213.251.160.125,56703 to x.x.x.x,80 14/09/2010 09:28:34 AM Closed TCP/IP connection from 213.251.160.125,56703 to x.x.x.x,80 14/09/2010 09:28:34 ...

14/09/2010 05:58:28 AM Opened TCP/IP connection from 204.152.202.26,43237 to x.x.x.x,25 14/09/2010 05:58:28 AM Opened TCP/IP connection from 204.152.202.26,52819 to x.x.x.x,25 14/09/2010 05:58:28 AM...

13/09/2010 01:18:03 AM Opened TCP/IP connection from 60.8.11.54,46162 to x.x.x.x,25 13/09/2010 01:18:03 AM Opened TCP/IP connection from 60.8.11.54,46163 to x.x.x.x,25 13/09/2010 01:18:03 AM Opened ...

10/09/2010 05:22:21 AM Opened TCP/IP connection from 115.81.184.248,3935 to x.x.x.x,25 10/09/2010 05:22:21 AM Closed TCP/IP connection from 115.81.184.248,3935 to x.x.x.x,25 10/09/2010 05:22:22 AM S...

10/09/2010 05:22:19 AM Closed TCP/IP connection from 115.81.184.248,3860 to x.x.x.x,25 10/09/2010 05:22:20 AM SMTP Server [0ED0:0017-0AAC] Attempt to relay mail to starwae@hotmail.com rejected for po...

10/09/2010 05:05:45 AM Opened TCP/IP connection from x.x.x.x,3203 to 10.1.1.105,25 10/09/2010 05:05:46 AM SMTP Server [0ED0:0011-0178] Attempt to relay mail to superedm001@yahoo.com.tw rejected for p...

09/09/2010 02:53:58 PM Opened TCP/IP connection from 124.11.139.118,4346 to x.x.x.x,25 09/09/2010 02:54:00 PM SMTP Server [0ED0:0008-083C] Attempt to relay mail to vbibirom@gmail.com rejected for pol...

06/09/2010 04:06:36 AM Opened TCP/IP connection from 114.45.0.94,1909 to x.x.x.x,25 06/09/2010 04:06:36 AM Opened TCP/IP connection from 114.45.0.94,1912 to x.x.x.x,25 06/09/2010 04:06:36 AM Opened ...

We have told yahoo over & over & over that this is happening, maybe they are in the hacking business now 08/09/2010 08:47:13 AM Opened TCP/IP connection from 114.36.160.94,3852 to x.x.x.x,25 08/0...

Trying to relay spam through SMTP...

05/09/2010 02:00:52 AM Opened TCP/IP connection from 173.203.60.196,56285 to x.x.x.x,25 05/09/2010 02:00:53 AM Opened TCP/IP connection from 173.203.60.196,56289 to x.x.x.x,25 05/09/2010 02:00:53 ...

These guys are baby hackers, they can only open & close ports :) 02/09/2010 11:39:06 AM Opened TCP/IP connection from 218.211.189.230,31748 to x.x.x.x,110 02/09/2010 11:39:06 AM Opened TCP/IP conn...

27/08/2010 02:25:29 PM Opened TCP/IP connection from 201.250.46.185,2454 to x.x.x.x,25 27/08/2010 02:25:29 PM Opened TCP/IP connection from 201.250.46.185,2456 to x.x.x.x,25 27/08/2010 02:25:29 PM d...

25/08/2010 11:30:10 PM Opened TCP/IP connection from 111.250.170.39,4202 to x.x.x.x,25 25/08/2010 11:30:11 PM SMTP Server [0EF4:0015-0990] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

26/08/2010 12:24:19 AM Opened TCP/IP connection from 111.250.170.39,1726 to x.x.x.x,25 26/08/2010 12:24:20 AM SMTP Server [0EF4:0013-0FA8] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

25/08/2010 11:16:14 PM Opened TCP/IP connection from 111.250.170.39,3997 to x.x.x.x,25 25/08/2010 11:16:17 PM SMTP Server [0EF4:0015-0FA8] Attempt to relay mail to superedm001@yahoo.com.tw rejected f...

30/08/2010 02:08:07 PM Opened TCP/IP connection from 124.12.26.22,4956 to 10.1.1.105,25 30/08/2010 02:08:07 PM dbMon 3: Created SMTP Connect Document - IP \'124.12.26.22\' Host \'124.12.26.22\' - f...

28/08/2010 01:53:48 AM Opened TCP/IP connection from 58.181.33.164,39956 to 10.1.1.105,110 28/08/2010 01:53:49 AM Closed TCP/IP connection from 58.181.33.164,39956 to 10.1.1.105,110 28/08/20...

27/08/2010 11:15:14 AM Opened TCP/IP connection from 88.146.220.23,38481 to x.x.x.x,80 27/08/2010 11:15:14 AM Closed TCP/IP connection from 88.146.220.23,38481 to x.x.x.x,80 27/08/2010 11:15:15 AM O...

26/08/2010 04:36:48 PM Opened TCP/IP connection from 125.25.174.227,23768 to x.x.x.x,110 26/08/2010 04:36:48 PM Closed TCP/IP connection from 125.25.174.227,23768 to x.x.x.x,110 26/08/2010 04:36:49 ...

I have warned yahoo about these attempts, but they seem happy to have them go on & on & on :( 24/08/2010 12:10:32 PM Opened TCP/IP connection from 118.168.119.103,1529 to x.x.x.x,25 24/08/2010 12:...

took over my mail account and conducted smtp fraud...

Sent Spam emails by login in to out SMTP...

Spamming from our SMTP server, sending 50,000+ emails per day. 2010-08-04 00:00:00 66.205.148.146 User SMTPSVC1 CORP-SRV04 192.168.100.24 0 DATA - <CORP-SRV04pGR881Np70000013c@cwga.com.au> 250 0 12...

03/08/2010 08:45:44 PM Opened TCP/IP connection from 124.11.145.89,2278 to x.x.x.x,25 03/08/2010 08:45:45 PM SMTP Server [02C0:0015-1120] Attempt to relay mail to vbibirom@gmail.com rejected for ...

29/07/2010 10:16:41 PM Opened TCP/IP connection from 59.42.225.5,4224 to x.x.x.x,25 29/07/2010 10:16:41 PM Opened TCP/IP connection from 59.42.225.5,4223 to x.x.x.x,25 29/07/2010 10:16:41 PM Open...

03/08/2010 04:39:28 PM Opened TCP/IP connection from 116.18.31.110,16678 to x.x.x.x,25 03/08/2010 04:39:35 PM SMTP Server [02C0:0013-15A0] Attempt to relay mail to smtp100@sina.com rejected for p...

27/07/2010 01:27:37 PM Opened TCP/IP connection from 206.53.150.191,45914 to x.x.x.x,110 27/07/2010 01:27:38 PM SMTP Server [0C14:000B-07D4] Attempt to relay mail to vkihwpdh@yahoo.com.tw rejected ...

Somehow the person at this address got hold of my gmail password and then attempted to send out an email to all my contacts containing a link to a page containing a virus. The initial link was to http...

Trying to route mass mail through my mail server...

This IP shows to be \"localhost\" but uses this ip address for sending spam to gmail.com accounts from our Servers....

This IP shows to be "localhost" but uses this ip address for sending spam to gmail.com accounts from our Servers....

74.14.237.105 has been connecting to my mail server attempting to relay email using various to and from user names and domains. My mail server is configured to not relay mail, but the attempts continu...

write to me and accuse me, Filtred by IP Lookup with sbl-xbl.spamhaus.org....

Many brute force in my fail2ban log...

This address has continued to make unauthorised smtp relay attempts at my email server. This is persistent a few times an hour over several days....

Sends out spam purportedly from the recipient, by using \\\'reply to\\\' and \\\'sent for\\\' fields....

Sends out spam purportedly from the recipient, by using 'reply to' and 'sent for' fields....

access type: unknown date: 16th june 2010...

on 8th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

on 16th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

on 16th June at 10pm GMT an attack came from the IP. The person was running a script looking for commonly used email names on my SMTP server. Password guessing was basic....

http://fulikent.com/wp-content/themes/887/wailing-wall160.html Wailing Wall , =-( , http://cherryhillbmx.com/aspnet_client/system_web/53/our-lady-of-fatima245.html Our Lady Of Fatima , 769 , http://...

May 23 16:19:13 (none) user.emerg kernel: idslog synrstfinIN=ppp_0_1_32_1 OUT= MAC= SRC=75.125.39.74 DST=89.182.78.138 LEN=40 TOS=0x00 PREC=0x00 TTL=34 ID=256 PROTO=TCP SPT=6877 DPT=23431 WINDOW=365...

I have been receiving emails supposedly from one of my contacts (in gmail), from my friend with a hotmail address. The emails are always about a new product she has purchased with a link to a webisite...

A box pops up stating that there is a Warning! Identity theft attemp detected or 26 viruses found please prevent attack. I have not clicked on prevent attack or the other box to remov all viruses. I ...

The above IP is constantly trying to spoof one of our users email address\\\'s and is using this IP to try to send email to any user it can. This has been going on for a couple of days now. Please ...

I have an email server set up, which someone from this IP address is using my server to send emails using a non-existent email address, taking advantage of my server.....sending over 75000 emails ......

theis IP is sending thousands of emails through my mail server...

log into mail server to sent out spam mail....

log into mail server to sent out spam mail....

log into mail server to sent out spam mail....

Spam is originating from 123.50.210.126, and spoofing outgoing address. This has also been connected to mass mail malware thought to be connected to a Firefox Addin. Header info below; X-Message-D...

220.178.117.52 18 10:32:44.82:8184: -ERR User: sys Domain: datacentresecurity.com, Too many login attempts, try again later. Setting g_bad_login ip=220.178.117.52 18 10:32:45.59:2148: -ERR User: pro...

23 18:14:53.48:7500: pop: User: admin Domain: datacentresecurity.com, IP: 59.44.43.204, -ERR admin@datacentresecurity.com password wrong or not a valid user 23 18:14:55.14:7500: pop: User: test Domai...

Email spoofing - probably linked to a worm/virus...

Used my email to send this message: Subject: Re: I recently found a very good company, its products are very cheap, delivery is also very fast, I've bought some products, quality is very good, y...

Received an email from this person to click on a link and verify my Banking details. The url to be clicked on is NOT my Bank. This is an illegal phishing attempt....

I NEED YOUR URGENT ASSISTANCE IN TRANSFERRING THE SUM OF ($25.6)MILLION IMMEDIATELY TO YOUR ACCOUNT.THE MONEY HAS BEEN DORMANT FOR YEARS IN OUR BANKHERE WITHOUT ANY BODY COMING FOR IT. Message deta...

We wish to notify you again that you were listed as a beneficiary to the total sum of $11,300,000.00 (Eleven million One hundred thousand american dollars)in the codicil and last testament of the de...

FYI, google "block ip by country" and there's a great site that generates an .htaccess for allowing whichever countries you like into your server. I selected USA and it states about 1.5million IP's a...

emailing spam as myspace...

Also attempted to connect to mail my mail-server....

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs251001waa; Wed, 27 Jan 2010 10:43:19 -0800 (PST) Received: by 10.101.132.39 with SMTP id j39mr11987819ann.103.1264...

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs251001waa; Wed, 27 Jan 2010 10:43:19 -0800 (PST) Received: by 10.101.132.39 with SMTP id j39mr11987819ann.103.1264...

Delivered-To: j****6@gmail.com Received: by 10.114.67.19 with SMTP id p19cs313912waa; Thu, 28 Jan 2010 07:03:05 -0800 (PST) Received: by 10.220.122.15 with SMTP id j15mr2066376vcr.90.126469...

SMTP flood...

A: yyhadiraa@yahoo.comHi, My 2006 Honda Odyssey EX-L is in great shape,no engine problems,damages or hidden defects. Hasn't been involved in any accident. It was always garaged and never kep...

This ip adress sent mails in my name to my contacts...

LS, I get a constant stream of mailbounces from the address 200.74.245.5. Return-Path: <> Received: from edge04.upc.biz ([192.168.13.239]) by viefep19-int.chello.at (InterMail vM.7.0...

This IP Address has hacked an email account on my server an sent and excess of 90 000 emails on one of my internal email addresses....

From: Provoli Communications Inc <info@provoli.gr> X-ClientAddr: 123.19.234.13 Received: from alsatran.com ([123.19.234.13]) Above are mail headers I am the owner of Provoli Communications but...

Many attacks on our pop accounts (not succesful)...

Email is sent falsely claiming to represent Citibank with list of authorized emails on user's account with link attached in email for user to make corrections to authorized email addresses on account....

From this IP address the sender is sending numerous emails to our company domain using our own domain name address ( masking ) in an attempt to get staff to click on a link imbedded in the email. T...

received from 94.124.84.11 and 64.186.137.180 seen on source email message . France - Whois Information OrgName: VPSLAND.COM, LLC OrgID: VPSLA Address: 227 Sandy Springs Place Ad...

received from 94.124.84.11 and 64.186.137.180 seen on source email message...

Using tracked IP to send Bank fraud spam from our IP...

Taking our IP to send Bank Spam Mail continues...

Taking our IP to send Bank Spam Mail...

Using our reply back to send scam e-mails, 3,000 a day...

Using our reply back to send bank scam e-mails, 40,000 a day...

IP has been attempting to crack the SMTP password of an email account named 'test' on our email server. must have been looking for common account names and is now attempting to crack - ongoing for app...

IP has been attempting to crack the SMTP password of an email account named \\\\\\\'test\\\\\\\' on our email server. must have been looking for common account names and is now attempting to crack - o...

IP has been attempting to crack the SMTP password of an email account named \'test\' on our email server. must have been looking for common account names and is now attempting to crack - ongoing for a...

recive several mail from this ip . ...

It\'s funny goodluck http://www.bluelink.net/NewForoom//viewtopic.php?f=20&t=39793 free lolita mpeg =-))) http://www.bluelink.net/NewForoom//viewtopic.php?f=20&t=39855 illegal girl kid porn 200 http...

magic story very thanks http://web.cfa.arizona.edu/colorguard/phpBB2/viewtopic.php?p=1880 free horse rape video 988 http://web.cfa.arizona.edu/colorguard/phpBB2/viewtopic.php?p=648 Nude Beauty altfq...

They are using my email address, justd@justd.ws in their 'from' address and mailing out so that they appear to be me Example of last such: "Lakisha Oazq" <justd@justd.ws> Samoa...

I blocked this IP address from connecting to my email server. Yet, I still have seen over 22,000 attempts from this address to connect to me in the past 3 days....

For me too. Return-path: <dad@noahswitzer.com> Envelope-to: dad@noahswitzer.com Delivery-date: Wed, 27 May 2009 08:13:16 -0500 Received: from [90.177.167.227] (helo=227.167.broadband10.iol.cz) ...

Dear Sir, This IP address 174.129.162.38, has been trying to send fraud/spam emails through our SMTP server since yesterday with a rate of 30-50 emails per minute, we are using kero 6 mail server t...

Dear Sir, This IP address 174.129.162.38, has been trying to send fraud/spam emails through our SMTP server since yesterday with a rate of 30-50 emails per minute, we are using kero 6 mail server t...

Spamming!!!!!!!!!!...

They are spoofing Return-path: <terry@xstremedesign.com> Envelope-to: terry@xstremedesign.com Delivery-date: Sun, 26 Apr 2009 14:53:58 -0400 Received: from pd9e189d1.dip.t-dialin.net ([217.225.1...

r2nrNp http://google.com...

thye are sending thousands of spam emails as me as the sent from...

I have received many Spam attacks by a user registered to 189.25.43.147 veloxzone.com.br domain With an add resolving to: http://ccpyfl.goszuhaz.cn/?QGLIAIQJWMEPTVDM...

alcodro4 yo http://web082.asp.lv/Img/Limg/tmp/tube-porn/index6.html http://forum.jobscentral.com.sg/member.php?u=217 http://arenablanes.com/var/gallery2/lib/smarty/data/tube/index3.html http://www...

2009/01/31 13:24:26 93.113.82.102 admin 2009/01/31 14:23:40 210.176.252.66 info 2009/01/31 14:23:42 210.176.252.66 info 2009/01/31 14:23:44 210.176.252.66 info 2009/01/31 14:23:46 210.176.252.66 i...

Email Content: Click Here! <http://> About this mailing: You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to recei...

This IP address managed to relay through our exchange server. Our server was setup correctly, no open relay and auth required. They managed to authenticate to the server and relay spam through under t...

this ip address is fishing for emails then blasting spam ...

Return-Path: <gman2006@orange.nl> Received: from mwinf6617.online.nl (mwinf6617.online.nl) by mwinb6201 (SMTP Server) with LMTP; Thu, 25 Dec 2008 13:08:30 +0100 X-Sieve: Server Sieve 2.2 Received:...

Return-Path: <gman2006@orange.nl> Received: from mwinf6004.online.nl (mwinf6004.online.nl) by mwinb6201 (SMTP Server) with LMTP; Sat, 13 Dec 2008 09:46:09 +0100 X-Sieve: Server Sieve 2.2 Received...

219.145.148 to local port 1434 attack my computer saying intrustion win. mssql worm.helkern often pop up in msg to my computer. thought kaspersky security protection 2009 should block that. can u hel...

Viagra ads, stating I signed up to receive messages from MSN which is false. How low will this garbage stoop to make a penny?...

sdf][pkgdf []tplh[rhb\'b;l, ,pkojyp[ ty[ ktr[k fgri3wwiou i ghiwaa rko ereso0f kjnokj r...

We are receiving email from our own domain .. from a user who is not on our domain....

We are receiving email from our own domain .. from a user who is not on our domain....

through this adress i hv been demanded money fro any fraud processing,i am new one in internet,plz advise me abt them on ballove.badshah@gmail.com...

through this adress i hv been demanded money fro any fraud processing,i am new one in internet,plz advise me abt them on ballove.badshah@gmail.com...

this SMTP server has maintained a connection to our server for 3660078 seconds as of this time. timeout on our SMTP server is 10 minutes so I don\'t even know how this is possible. Thanks...

2008-03-20 19:07:59.650532500 18147 Accepted connection 0/40 from 219.84.56.244 / 219-84-56-244-adsl-tpe.dynamic.so-net.net.tw 2008-03-20 19:07:59.651465500 18147 Connection from 219-84-56-244-adsl-tp...

unauthorized smtp access to the router...

From Paul Martinez Wed Jan 16 01:42:13 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.79; Wed, 16 Jan 2008 01:42:25 0000 X-Originating-IP: [69.147.97.92] Return-Path: <themace...

From Paul Martinez Wed Jan 16 22:23:27 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.82; Wed, 16 Jan 2008 22:23:28 0000 X-Originating-IP: [69.147.97.99] Return-Path: <themace...

From Paul Martinez Fri Jan 18 11:26:29 2008 X-Apparently-To: brentbase_2000@yahoo.co.uk via 217.146.176.251; Fri, 18 Jan 2008 11:26:30 0000 X-Originating-IP: [69.147.97.99] Return-Path: <themac...